RFC Errata
Found 4 records.
Status: Verified (4)
RFC 4210, "Internet X.509 Public Key Infrastructure Certificate Management Protocol (CMP)", September 2005
Note: This RFC has been updated by RFC 6712, RFC 9480, RFC 9481
Source of RFC: pkix (sec)
Errata ID: 3949
Status: Verified
Type: Editorial
Publication Format(s) : TEXT
Reported By: Tom Biskupic
Date Reported: 2014-04-02
Verifier Name: Kathleen Moriarty
Date Verified: 2015-03-31
Section 5.3.4 says:
CertRepMessage ::= SEQUENCE { caPubs [1] SEQUENCE SIZE (1..MAX) OF Certificate OPTIONAL, response SEQUENCE OF CertResponse }
It should say:
CertRepMessage ::= SEQUENCE { caPubs [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate OPTIONAL, response SEQUENCE OF CertResponse }
Notes:
The definition in the text is different to the one in the ASN.1 module contained in Appendix F. The correct text is assumed to be the one from Appendix F
CMPCertificate is a superset of Certificate which has one element. The new structure would allow for a new certificate type to be included. Not sure that it would ever happen.
Errata ID: 4078
Status: Verified
Type: Editorial
Publication Format(s) : TEXT
Reported By: Lijun Liao
Date Reported: 2014-08-11
Verifier Name: Kathleen Moriarty
Date Verified: 2015-03-31
Section 5.3.4 says:
CertOrEncCert ::= CHOICE { certificate [0] Certificate, encryptedCert [1] EncryptedValue }
It should say:
CertOrEncCert ::= CHOICE { certificate [0] CMPCertificate, encryptedCert [1] EncryptedValue }
Notes:
The definition of CertOrEncCert in Section 5.3.4 and Appendix F of CertOrEncCert differs.
This is a change that makes no difference on the wire. This is the same issue as errata 3949.
Errata ID: 5201
Status: Verified
Type: Editorial
Publication Format(s) : TEXT
Reported By: Simon Edänge
Date Reported: 2017-12-12
Verifier Name: Roman Danyliw
Date Verified: 2022-02-04
Section Appendix D.4 says:
Initialization Response -- ip Field Value sender CA name -- the name of the CA who produced the message messageTime present -- time at which CA produced message protectionAlg MS_MAC_ALG -- only MAC protection is allowed for this response
It should say:
Initialization Response -- ip Field Value sender CA name -- the name of the CA who produced the message messageTime present -- time at which CA produced message protectionAlg MSG_MAC_ALG -- only MAC protection is allowed for this response
Notes:
There is a typo in Appendix D.4 -- "MS_MAC_ALG" should be "MSG_MAC_ALG"
Errata ID: 7549
Status: Verified
Type: Editorial
Publication Format(s) : TEXT
Reported By: Rufus Buschart
Date Reported: 2023-06-23
Verifier Name: Roman Danyliw
Date Verified: 2023-06-23
Section 3.1.2. point 11 says:
correct RA of CA public key
It should say:
correct RA or CA public key
Notes:
From the context it is obvious that there is a typo in the original text. This claim is supported by the fact that the "r" and the "f" key are next to each other on the keyboard.