RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

Found 2 records.

Status: Verified (1)

RFC 4616, "The PLAIN Simple Authentication and Security Layer (SASL) Mechanism", August 2006

Note: This RFC has been updated by RFC 8996

Source of RFC: sasl (sec)

Errata ID: 6235
Status: Verified
Type: Editorial
Publication Format(s) : TEXT

Reported By: Benjamin Kaduk
Date Reported: 2020-07-24
Verifier Name: Roman Danyliw
Date Verified: 2022-01-19

Section 1 says:

   The PLAIN mechanism should not be used without adequate data security
   protection as this mechanism affords no integrity or confidentiality
   protections itself.  The mechanism is intended to be used with data
   security protections provided by application-layer protocol,
   generally through its use of Transport Layer Security ([TLS])
   services.

It should say:

   The PLAIN mechanism should not be used without adequate data security
   protection as this mechanism affords no integrity or confidentiality
   protections itself.  The mechanism is intended to be used with data
   security protections provided by an application-layer protocol,
   generally through its use of Transport Layer Security ([TLS])
   services.

Notes:

Missing "an" in "an application-layer protocol".

Status: Held for Document Update (1)

RFC 4616, "The PLAIN Simple Authentication and Security Layer (SASL) Mechanism", August 2006

Note: This RFC has been updated by RFC 8996

Source of RFC: sasl (sec)

Errata ID: 2629
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT

Reported By: Julien Élie
Date Reported: 2010-11-12
Held for Document Update by: Tim Polk

Section 1 says:

   Specifications for IETF protocols that indicate that this
   mechanism is an applicable authentication mechanism MUST mandate that
   implementations support an strong data security service, such as TLS.

It should say:

   Specifications for IETF protocols that indicate that this
   mechanism is an applicable authentication mechanism MUST mandate that
   implementations support a strong data security service, such as TLS.

Notes:

Just a typo in "a strong data security service".

Report New Errata



Advanced Search