RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

Found 2 records.

Status: Verified (1)

RFC 4462, "Generic Security Service Application Program Interface (GSS-API) Authentication and Key Exchange for the Secure Shell (SSH) Protocol", May 2006

Note: This RFC has been updated by RFC 8732, RFC 9142

Source of RFC: secsh (sec)

Errata ID: 4684
Status: Verified
Type: Editorial
Publication Format(s) : TEXT

Reported By: Dave Thompson
Date Reported: 2016-05-05
Verifier Name: Benjamin Kaduk
Date Verified: 2020-02-14

Section 8 says:

      The family of SSH key exchange method names beginning with "gss-
      group1-sha1-" and not containing the at-sign ('@'), to name the
      key exchange methods defined in Section 2.3.

It should say:

      The family of SSH key exchange method names beginning with "gss-
      group1-sha1-" and not containing the at-sign ('@'), to name the
      key exchange methods defined in Section 2.3.

      The family of SSH key exchange method names beginning with "gss-
      group14-sha1-" and not containing the at-sign ('@'), to name the
      key exchange methods defined in Section 2.4.

Notes:

The group14-sha1 family of key exchange method names was not listed in the IANA considerations as being registered. The registration is (already) correct in http://www.iana.org/assignments/ssh-parameters/ssh-parameters.xhtml#ssh-parameters-16

Status: Held for Document Update (1)

RFC 4462, "Generic Security Service Application Program Interface (GSS-API) Authentication and Key Exchange for the Secure Shell (SSH) Protocol", May 2006

Note: This RFC has been updated by RFC 8732, RFC 9142

Source of RFC: secsh (sec)

Errata ID: 1621
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT

Reported By: Ben Harris
Date Reported: 2008-11-25
Held for Document Update by: Pasi Eronen

Section 9 says:

   In order for the "external-keyx" user authentication method to be
   used, it MUST have access to user authentication information obtained
   as a side-effect of the key exchange.  If this information is
   unavailable, the authentication MUST fail.

It should say:

   In order for the "gssapi-keyex" user authentication method to be
   used, it MUST have access to user authentication information obtained
   as a side-effect of the key exchange.  If this information is
   unavailable, the authentication MUST fail.

Notes:

As mentioned in section 8, the "external-keyx" name was used by an earlier version of thespec, but got replaced by "gssapi-keyex" before publication.

Report New Errata



Advanced Search