RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

Found 2 records.

Status: Held for Document Update (1)

RFC 2246, "The TLS Protocol Version 1.0", January 1999

Note: This RFC has been obsoleted by RFC 4346

Note: This RFC has been updated by RFC 3546, RFC 5746, RFC 6176, RFC 7465, RFC 7507, RFC 7919

Source of RFC: tls (sec)

Errata ID: 3482
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT

Reported By: Florian Maury
Date Reported: 2013-02-11
Held for Document Update by: Sean Turner

Section 7.4.9. says:

The hash contained in finished messages sent by the server
incorporate Sender.server; those sent by the client incorporate
Sender.client. The value handshake_messages includes all handshake
messages starting at client hello up to, but not including, this
finished message. This may be different from handshake_messages in
Section 7.4.8 because it would include the certificate verify message
(if sent). Also, the handshake_messages for the finished message sent
by the client will be different from that for the finished message
sent by the server, because the one which is sent second will include
the prior one.

It should say:

The value handshake_messages includes all handshake messages starting
at client hello up to, but not including, this finished message. This 
may be different from handshake_messages in Section 7.4.8 because it 
would include the certificate verify message (if sent). Also, the
handshake_messages for the finished message sent by the client will 
be different from that for the finished message sent by the server, 
because the one which is sent second will include the prior one.

Notes:

The sentence about Sender.client and Sender.server is a remainder from the draft 2 and previous versions. The verification computation changed between draft 2 and draft 3 (as showed by rfcdiff http://tools.ietf.org/rfcdiff?difftype=--hwdiff&url2=draft-ietf-tls-protocol-03.txt ) but the sentence remained. It should be stripped as the Sender enumerated type is not even declared anymore.

Status: Rejected (1)

RFC 2246, "The TLS Protocol Version 1.0", January 1999

Note: This RFC has been obsoleted by RFC 4346

Note: This RFC has been updated by RFC 3546, RFC 5746, RFC 6176, RFC 7465, RFC 7507, RFC 7919

Source of RFC: tls (sec)

Errata ID: 3481
Status: Rejected
Type: Technical
Publication Format(s) : TEXT

Reported By: Martin Rex
Date Reported: 2013-02-08
Rejected by: Stephen Farrell
Date Rejected: 2014-05-08

Section 8.1.2 says:

8.1.2. Diffie-Hellman

   A conventional Diffie-Hellman computation is performed. The
   negotiated key (Z) is used as the pre_master_secret, and is converted
   into the master_secret, as specified above.

It should say:

8.1.2. Diffie-Hellman

   A conventional Diffie-Hellman computation is performed.  The
   negotiated key (Z) is used as the pre_master_secret, and is converted
   into the master_secret, as specified above.  Leading bytes of Z that
   contain all zero bits are stripped before it is used as the
   pre_master_secret.

Notes:

Adopting the clarification from rfc4346 Section 8.1.2. Not stripping the leading zero bits of Z will cause interop problems (handshake failures) with the installed base. Rfc2246 is still the authoritative spec for TLSv1.0. One can not implement TLSv1.0 from rfc4346.
--VERIFIER NOTES--
We don't post errata for things fixed when an RFC is obsoleted.

Report New Errata



Advanced Search