RFC Errata


Errata Search
 
Source of RFC  
Summary Table Full Records

Found 2 records.

Status: Held for Document Update (2)

RFC 5425, "Transport Layer Security (TLS) Transport Mapping for Syslog", March 2009

Source of RFC: syslog (sec)

Errata ID: 1733
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT
Reported By: Alfred Hoenes
Date Reported: 2009-03-19
Held for Document Update by: Pasi Eronen

Section 4.2.1, pg.6 says: 

   o  End-entity certificate matching: The transport sender or receiver
      is configured with information necessary to identify the valid
      end-entity certificates of its authorized peers.  The end-entity
      certificates can be self-signed, and no certification path
      validation is needed.  Implementations MUST support certificate
|     fingerprints in Section 4.2.2 and MAY allow other formats for
      end-entity certificates such as a DER-encoded certificate.  This
      method provides an alternative to a PKI that is simple to deploy
      and still maintains a reasonable level of security.

It should say:

   o  End-entity certificate matching: The transport sender or receiver
      is configured with information necessary to identify the valid
      end-entity certificates of its authorized peers.  The end-entity
      certificates can be self-signed, and no certification path
      validation is needed.  Implementations MUST support certificate
|     fingerprints as specified in Section 4.2.2 and MAY allow other
                   ^^^^^^^^^^^^^ 
      formats for end-entity certificates such as a DER-encoded
      certificate.  This method provides an alternative to a PKI that is
      simple to deploy and still maintains a reasonable level of
      security.

Notes:

Clarification; keep for update!

Errata ID: 1734
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT
Reported By: Alfred Hoenes
Date Reported: 2009-03-19
Held for Document Update by: Pasi Eronen

Section 5.1, pg.8 says: 

   In the simplest case, the transport sender and receiver are
|  configured with information necessary to identity the valid
   end-entity certificates of its authorized peers.

It should say:

   In the simplest case, the transport sender and receiver are
|  configured with information necessary to identify the valid
   end-entity certificates of its authorized peers.

Notes:

Typo: s/identity/identify/
^ ^
(keep for update!)

Report New Errata



Advanced Search