RFC Errata
Found 2 records.
Status: Verified (1)
RFC 7714, "AES-GCM Authenticated Encryption in the Secure Real-time Transport Protocol (SRTP)", December 2015
Source of RFC: avtcore (wit)
Errata ID: 4938
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Paul E. Jones
Date Reported: 2017-02-16
Verifier Name: Murray Kucherawy
Date Verified: 2023-11-08
Section 11 says:
A Key Derivation Function (KDF) is used to derive all of the required encryption and authentication keys from a secret value shared by the endpoints. The AEAD_AES_128_GCM algorithm MUST use the (128-bit) AES_CM PRF KDF described in [RFC3711]. AEAD_AES_256_GCM MUST use the AES_256_CM_PRF KDF described in [RFC6188].
It should say:
A Key Derivation Function (KDF) is used to derive all of the required encryption and authentication keys from a secret value shared by the endpoints. The AEAD_AES_128_GCM algorithm MUST use the (128-bit) AES_CM PRF KDF described in [RFC3711]. AEAD_AES_256_GCM MUST use the AES_256_CM_PRF KDF described in [RFC6188]. Since the KDF functions in those RFCs assume as input a 112-bit master salt, the 96-bit master salt specified in this document must be multiplied by 2^16 to form the 112-bit salt used as the master salt in those key derivation functions.
Notes:
The salt specified in RFC 7714 is 96 bits in length, but intended for use in KDF functions defined in RFC 3711. This led to different interpretations when implementing this RFC. A more complete description was presented on the avtcore mailing list (https://mailarchive.ietf.org/arch/msg/avt/IRfLuNKglD3qhqwSz3v3t0CG6fA) and, after some dialog, there seemed to be agreement to adopt the approach most widely implemented (https://mailarchive.ietf.org/arch/msg/avt/-C1cIWQXpyzS2KfBjGR6B2kK92w). This suggested text is intended to reflect that agreement. In effect, 16 zero bits are padded to the right of the salt value defined in RFC 7714 (creating a 112 bit salt value) before it is used as described in the KDF functions defined in RFC 3711 that require a 112 bit salt value.
Status: Reported (1)
RFC 7714, "AES-GCM Authenticated Encryption in the Secure Real-time Transport Protocol (SRTP)", December 2015
Source of RFC: avtcore (wit)
Errata ID: 7858
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Doug Gibbons
Date Reported: 2024-03-20
Section 17 says:
The examples in this section are all based upon the same RTCP packet: 81c8000e 4d617273 4e545031 4e545031 52545020 0000042a 0000eb98 4c756e61 deadbeef deadbeef deadbeef deadbeef deadbeef with 32-bit SRTCP index 000005d4.
It should say:
The examples in this section are all based upon the same RTCP packet: 81c8000d 4d617273 4e545031 4e545032 52545020 0000042a 0000e930 4c756e61 deadbeef deadbeef deadbeef deadbeef deadbeef with 32-bit SRTCP index 000005d4.
Notes:
The text at the beginning of Section 17 presents a sample RTCP packet which it expects to be used in subsequent examples. However, all the examples indicate they are based on the packet in the corrected text.