RFC Errata
Found 1 record.
Status: Rejected (1)
RFC 9807, "The OPAQUE Augmented Password-Authenticated Key Exchange (aPAKE) Protocol", July 2025
Source of RFC: IRTF
Errata ID: 8675
Status: Rejected
Type: Technical
Publication Format(s) : TEXT, PDF, HTML
Reported By: paul esteban
Date Reported: 2025-12-11
Rejected by: Nick Sullivan
Date Rejected: 2026-01-28
Section 6.3.2.3 says:
concat(server_public_key, envelope) =
xor(credential_response_pad, response.masked_response)
It should say:
concat(server_public_key, envelope) = unknown?
Notes:
I believe the equation does not make sense, the ouput of a concatenation being equal to the XOR function, it seems something is missing, or sentence is a leftover? I don't know what the correct text should be
--VERIFIER NOTES--
Rejected. The submitter correctly identifies that the notation is confusing: having a function call on the left side of an assignment looks backwards. The equation is mathematically correct (XOR with the same pad recovers the concatenated data), but clearer notation would compute the XOR first, then parse the result. A future revision could address this. However, the proposed correction ("= unknown?") does not provide actionable replacement text.