RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 4211, "Internet X.509 Public Key Infrastructure Certificate Request Message Format (CRMF)", September 2005

Source of RFC: pkix (sec)

Errata ID: 2345
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT

Reported By: Alfred Hoenes
Date Reported: 2005-11-08
Held for Document Update by: Tim Polk
Date Held: 2010-07-29

Section 6.3 says:

At the bottom of page 20, says:

  The fields of SinglePubInfo have the following meaning:

      pubMethod indicates the address type for the location at which the
      requestor desires the certificate to be placed by the CA/RA.

         dontCare indicates that the CA/RA can publish the certificate
         in whatever locations it chooses.  If dontCare is used, the
         pubInfos field MUST be omitted.
            ^^^^^

(To make the full context visible, I have shown more text than
would be necessary for the errata note.)
>From the context, I strongly suspect that the RFC text should say:

  The fields of SinglePubInfo have the following meaning:

      pubMethod indicates the address type for the location at which the
      requestor desires the certificate to be placed by the CA/RA.

         dontCare indicates that the CA/RA can publish the certificate
         in whatever locations it chooses.  If dontCare is used, the
         pubLocation field MUST be omitted.
            ^^^^^^^^

It should say:

[see above]     

Notes:

Rationale: pubInfos is a "SEQUENCE SIZE (1..MAX) OF SinglePubInfo".
I cannot imagine how a certain value of a SinglePubInfo instance
subfield can ever imply a MUST to omit the full enclosing structure,
pubInfos -- which would have removed this subfield as well :-) .
Perhaps, the text has been cloned from the explanation of the
'dontPublish' value of the PKIPublicationInfo.action filed given
just below the text excerpt reproduced under item (7) above
without fully applying the proper changes.

Report New Errata