RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

Found 4 records.

Status: Verified (4)

RFC 4210, "Internet X.509 Public Key Infrastructure Certificate Management Protocol (CMP)", September 2005

Note: This RFC has been updated by RFC 6712, RFC 9480, RFC 9481

Source of RFC: pkix (sec)

Errata ID: 3949
Status: Verified
Type: Editorial
Publication Format(s) : TEXT

Reported By: Tom Biskupic
Date Reported: 2014-04-02
Verifier Name: Kathleen Moriarty
Date Verified: 2015-03-31

Section 5.3.4 says:

CertRepMessage ::= SEQUENCE {
         caPubs          [1] SEQUENCE SIZE (1..MAX) OF Certificate
                             OPTIONAL,
         response            SEQUENCE OF CertResponse
     }

It should say:

CertRepMessage ::= SEQUENCE {
         caPubs       [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate
                          OPTIONAL,
         response         SEQUENCE OF CertResponse
     }

Notes:

The definition in the text is different to the one in the ASN.1 module contained in Appendix F. The correct text is assumed to be the one from Appendix F

CMPCertificate is a superset of Certificate which has one element. The new structure would allow for a new certificate type to be included. Not sure that it would ever happen.

Errata ID: 4078
Status: Verified
Type: Editorial
Publication Format(s) : TEXT

Reported By: Lijun Liao
Date Reported: 2014-08-11
Verifier Name: Kathleen Moriarty
Date Verified: 2015-03-31

Section 5.3.4 says:

     CertOrEncCert ::= CHOICE {
         certificate     [0] Certificate,
         encryptedCert   [1] EncryptedValue
     }

It should say:

     CertOrEncCert ::= CHOICE {
         certificate     [0] CMPCertificate,
         encryptedCert   [1] EncryptedValue
     }

Notes:

The definition of CertOrEncCert in Section 5.3.4 and Appendix F of CertOrEncCert differs.

This is a change that makes no difference on the wire. This is the same issue as errata 3949.

Errata ID: 5201
Status: Verified
Type: Editorial
Publication Format(s) : TEXT

Reported By: Simon Edänge
Date Reported: 2017-12-12
Verifier Name: Roman Danyliw
Date Verified: 2022-02-04

Section Appendix D.4 says:

   Initialization Response -- ip

   Field                Value

   sender               CA name
     -- the name of the CA who produced the message
   messageTime          present
     -- time at which CA produced message
   protectionAlg        MS_MAC_ALG
     -- only MAC protection is allowed for this response

It should say:

   Initialization Response -- ip

   Field                Value

   sender               CA name
     -- the name of the CA who produced the message
   messageTime          present
     -- time at which CA produced message
   protectionAlg        MSG_MAC_ALG
     -- only MAC protection is allowed for this response

Notes:

There is a typo in Appendix D.4 -- "MS_MAC_ALG" should be "MSG_MAC_ALG"

Errata ID: 7549
Status: Verified
Type: Editorial
Publication Format(s) : TEXT

Reported By: Rufus Buschart
Date Reported: 2023-06-23
Verifier Name: Roman Danyliw
Date Verified: 2023-06-23

Section 3.1.2. point 11 says:

correct RA of CA public key

It should say:

correct RA or CA public key

Notes:

From the context it is obvious that there is a typo in the original text. This claim is supported by the fact that the "r" and the "f" key are next to each other on the keyboard.

Report New Errata



Advanced Search