RFC Errata
Found 2 records.
Status: Verified (2)
RFC 7929, "DNS-Based Authentication of Named Entities (DANE) Bindings for OpenPGP", August 2016
Source of RFC: dane (sec)
Errata ID: 4796
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Daniel Kahn Gillmor
Date Reported: 2016-09-08
Verifier Name: Stephen Farrell
Date Verified: 2016-09-08
Section 3 says:
6. The domain name (the "right-hand side" of the email address, called the "domain" in [RFC5322]) is appended to the result of step 2 to complete the prepared domain name.
It should say:
6. The domain name (the "right-hand side" of the email address, called the "domain" in [RFC5322]) is appended to the result of step 5 to complete the prepared domain name.
Notes:
Technically, it should be step 5, not step 2: after step 2, there is no _openpgpkey label in the composed domain name. step 5 adds the _openpgpkey label.
Errata ID: 4768
Status: Verified
Type: Editorial
Publication Format(s) : TEXT
Reported By: James Manger
Date Reported: 2016-08-08
Verifier Name: Stephen Farrell
Date Verified: 2016-08-08
Section 5.3. says:
For example, if the OPENPGPKEY RR query for hugh@example.com (8d57[...]b7._openpgpkey.example.com) yields a CNAME to 8d57[...]b7._openpgpkey.example.net, and an OPENPGPKEY RR for 8d57[...]b7._openpgpkey.example.net exists,
It should say:
For example, if the OPENPGPKEY RR query for hugh@example.com (c93f[...]d6._openpgpkey.example.com) yields a CNAME to c93f[...]d6._openpgpkey.example.net, and an OPENPGPKEY RR for c93f[...]d6._openpgpkey.example.net exists,
Notes:
The example hash 8d57[...]b7 is wrong. It has been calculated with the wrong hash algorithm: SHA-224, instead of SHA-256. The correct hash is c93f[...]d6, which is shown in the example in section 3.