RFC Errata
Found 1 record.
Status: Verified (1)
RFC 4754, "IKE and IKEv2 Authentication Using the Elliptic Curve Digital Signature Algorithm (ECDSA)", January 2007
Source of RFC: IETF - NON WORKING GROUPArea Assignment: sec
Errata ID: 4748
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Arnaud EBALARD
Date Reported: 2016-07-26
Verifier Name: Paul Wouters
Date Verified: 2024-02-27
Section 8 says:
8.1. ECDSA-256 IANA assigned the ID value 9 to ECDSA-256. ... vvvv 00000048 00090000 CB28E099 9B9C7715 FD0A80D8 E47A7707 9716CBBF 917DD72E 97566EA1 C066957C 86FA3BB4 E26CAD5B F90B7F81 899256CE 7594BB1E A0C89212 748BFF3B 3D5B0315 8.2. ECDSA-384 IANA assigned the ID value 10 to ECDSA-384. ... vvvv 00000068 000A0000 FB017B91 4E291494 32D8BAC2 9A514640 B46F53DD AB2C6994 8084E293 0F1C8F7E 08E07C9C 63F2D21A 07DCB56A 6AF56EB3 B263A130 5E057F98 4D38726A 1B468741 09F417BC A112674C 528262A4 0A629AF1 CBB9F516 CE0FA7D2 FF630863 A00E8B9F 8.3. ECDSA-521 IANA assigned the ID value 11 to ECDSA-521. ... vvvv 0000008C 000B0000 0154FD38 36AF92D0 DCA57DD5 341D3053 988534FD E8318FC6 AAAAB68E 2E6F4339 B19F2F28 1A7E0B22 C269D93C F8794A92 78880ED7 DBB8D936 2CAEACEE 54432055 22510177 05A70302 90D1CEB6 05A9A1BB 03FF9CDD 521E87A6 96EC926C 8C10C836 2DF49753 67101F67 D1CF9BCC BF2F3D23 9534FA50 9E70AAC8 51AE01AA C68D62F8 66472660
It should say:
8.1. ECDSA-256 IANA assigned the ID value 9 to ECDSA-256. ... vvvv 00000048 09000000 CB28E099 9B9C7715 FD0A80D8 E47A7707 9716CBBF 917DD72E 97566EA1 C066957C 86FA3BB4 E26CAD5B F90B7F81 899256CE 7594BB1E A0C89212 748BFF3B 3D5B0315 8.2. ECDSA-384 IANA assigned the ID value 10 to ECDSA-384. ... vvvv 00000068 0A000000 FB017B91 4E291494 32D8BAC2 9A514640 B46F53DD AB2C6994 8084E293 0F1C8F7E 08E07C9C 63F2D21A 07DCB56A 6AF56EB3 B263A130 5E057F98 4D38726A 1B468741 09F417BC A112674C 528262A4 0A629AF1 CBB9F516 CE0FA7D2 FF630863 A00E8B9F 8.3. ECDSA-521 IANA assigned the ID value 11 to ECDSA-521. ... vvvv 0000008C 0B000000 0154FD38 36AF92D0 DCA57DD5 341D3053 988534FD E8318FC6 AAAAB68E 2E6F4339 B19F2F28 1A7E0B22 C269D93C F8794A92 78880ED7 DBB8D936 2CAEACEE 54432055 22510177 05A70302 90D1CEB6 05A9A1BB 03FF9CDD 521E87A6 96EC926C 8C10C836 2DF49753 67101F67 D1CF9BCC BF2F3D23 9534FA50 9E70AAC8 51AE01AA C68D62F8 66472660
Notes:
In Figure 14 of Section 3.8 of RFC 7296 describing IKEv2 AUTH Payload format, the Auth Method field is a one byte field located just after the Payload Length field, i.e. Auth Method is encoded in the fifth byte of the AUTH Payload.
In Section 8.1 of RFC 4754, the example AUTH payload for ECDSA-256 encodes the Auth Method (0x09) in the sixth byte of the AUTH Payload instead of the fifth. This is the same in section 8.2 for ECDSA-384 and 8.3 for ECDSA-512, for which the Auth Method values (respectively 0x0A and 0x0B) are also encoded in the sixth bytes instead of the fifth.