RFC Errata


Errata Search
 
Source of RFC  
Summary Table Full Records

Found 2 records.

Status: Verified (2)

RFC 5652, "Cryptographic Message Syntax (CMS)", September 2009

Note: This RFC has been updated by RFC 8933

Source of RFC: smime (sec)

Errata ID: 6250
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Russ Housley
Date Reported: 2020-08-06
Verifier Name: Benjamin Kaduk
Date Verified: 2020-08-07

Section 9.2 says: 

   If the authAttrs field is present, the content-type attribute (as
   described in Section 11.1) and the message-digest attribute (as
   described in Section 11.2) MUST be included, and the input to the MAC
   calculation process is the DER encoding of authAttrs.  A separate
   encoding of the authAttrs field is performed for message digest
   calculation.  The IMPLICIT [2] tag in the authAttrs field is not used
   for the DER encoding, rather an EXPLICIT SET OF tag is used.  That
   is, the DER encoding of the SET OF tag, rather than of the IMPLICIT
   [2] tag, is to be included in the message digest calculation along
   with the length and content octets of the authAttrs value.

It should say:

   If the authAttrs field is present, the content-type attribute (as
   described in Section 11.1) and the message-digest attribute (as
   described in Section 11.2) MUST be included, and the input to the MAC
   calculation process is the DER encoding of authAttrs.  A separate
   encoding of the authAttrs field is performed for message digest
   calculation.  The IMPLICIT [2] tag in the authAttrs field is not used
   for the DER encoding, rather an EXPLICIT SET OF tag is used.  That
   is, the DER encoding of the SET OF tag, rather than of the IMPLICIT
   [2] tag, is to be included in the MAC calculation along
   with the length and content octets of the authAttrs value.

Notes:

The paragraph is talking about the input to a MAC calculation, not the input to message digest calculation.

Errata ID: 6546
Status: Verified
Type: Editorial
Publication Format(s) : TEXT
Reported By: Daniel Kahn Gillmor
Date Reported: 2021-04-15
Verifier Name: Benjamin Kaduk
Date Verified: 2021-04-15

Section 12.1 says: 

  -- Imports from Appendix B of this document
           AttributeCertificateV1
              FROM AttributeCertificateVersion1

It should say:

  -- Imports from Section 12.2 of this document
           AttributeCertificateV1
              FROM AttributeCertificateVersion1

Notes:

The AttributeCertificateVersion1 is defined in section 12.2; there is no Appendix B in this document.

Report New Errata



Advanced Search