RFC Errata
Found 4 records.
Status: Reported (4)
RFC 8461, "SMTP MTA Strict Transport Security (MTA-STS)", September 2018
Source of RFC: uta (sec)
Errata ID: 6253
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Daniel Shahaf
Date Reported: 2020-08-08
Section 3.2 says:
CRLF-separated key/value pairs
It should say:
LF- or CRLF-separated key/value pairs
Notes:
Rationale:
1. The definition of 'sts-policy-term' in the grammar explicitly allows use of either CRLF or bare LF.
2. On page 8, one of the example says "<CRLF>" explicitly at the end of the first line, while the second line of that example and all lines of the other example have neither "<CRLF>" nor "<LF>" appended to them. That makes it ambiguous whether those lines are terminated by LF or by CRLF.
Errata ID: 6285
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Paul Buonopane
Date Reported: 2020-09-10
Section 3.1 says:
sts-field-delim = *WSP ";" *WSP
It should say:
sts-field-delim = ";" *WSP
Notes:
The following text appears within the same section:
> If multiple TXT records for "_mta-sts" are returned by the resolver, records that do not begin with "v=STSv1;" are discarded.
The current definition of sts-field-delim is incompatible with that instruction. Either the instruction needs to be changed, a new delimiter needs to be defined that doesn't permit whitespace before the semicolon, or sts-field-delim needs to be modified.
Errata ID: 7282
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Benjamin Schwarze
Date Reported: 2022-12-21
Section 3.2 says:
sts-policy-max-age-value = 1*10(DIGIT)
It should say:
sts-policy-max-age-value = 1*8(DIGIT)
Notes:
As described under 3.2 at point "max_age", the maximum lifetime of a policy may only be 31557600 seconds. Therefore 8 digits in the ABNF for "sts-policy-max-age-value" would be sufficient.
On the other hand, if values larger than 31557600 seconds are allowed, the text under "max_age" should be adjusted.
Errata ID: 6525
Status: Reported
Type: Editorial
Publication Format(s) : TEXT
Reported By: Kaspar Etter
Date Reported: 2021-04-10
Section 4.2 says:
The certificate presented by the receiving MTA MUST not be expired
It should say:
The certificate presented by the receiving MTA MUST NOT be expired
Notes:
NOT should be capitalized.