RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

Found 2 records.

Status: Verified (1)

RFC 5958, "Asymmetric Key Packages", August 2010

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec

Errata ID: 2653
Status: Verified
Type: Technical
Publication Format(s) : TEXT

Reported By: Sean Turner
Date Reported: 2010-12-01
Verifier Name: Stephen Farrell
Date Verified: 2011-11-12

Section 2 and App A says:

  ct-asymmetric-key-package CONTENT-TYPE ::=
    { AsymmetricKeyPackage IDENTIFIED BY id-ct-KP-aKeyPackage }

It should say:

  ct-asymmetric-key-package CONTENT-TYPE ::=
    { TYPE AsymmetricKeyPackage IDENTIFIED BY id-ct-KP-aKeyPackage }

Notes:

With the approval of errata 2612 (http://www.rfc-editor.org/errata_search.php?eid=2612), the asymmetric key package content type definition also needs to be updated to add "TYPE" to the CONTENT-TYPE definition.

Status: Reported (1)

RFC 5958, "Asymmetric Key Packages", August 2010

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec

Errata ID: 5962
Status: Reported
Type: Technical
Publication Format(s) : TEXT

Reported By: Kevin Braun
Date Reported: 2020-01-22

Section Appendix A says:

   PrivateKeyAlgorithms ALGORITHM ::= {
     ... -- Extensible
   }

   KeyEncryptionAlgorithms ALGORITHM ::= {
     ... -- Extensible
   }

It should say:

   PrivateKeyAlgorithms PUBLIC-KEY ::= {
     ... -- Extensible
   }

   KeyEncryptionAlgorithms CONTENT-ENCRYPTION ::= {
     ... -- Extensible
   }

Notes:

The above given information object sets are used in defining types PrivateKeyAlgorithmIdentifier and EncryptionAlgorithmIdentifier:

PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier
{ PUBLIC-KEY,
{ PrivateKeyAlgorithms } }

EncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
{ CONTENT-ENCRYPTION,
{ KeyEncryptionAlgorithms } }

The parameterized type AlgorithmIdentifier has two parameters, one an information object class and the other an information object set. The information object set must be contain objects of the given class, or else the table constraint in AlgorithmIdentifier will not be valid. This requirement is not met as PrivateKeyAlgorithms and KeyEncryptionAlgorithms are currently defined, and therefore the definition is not valid according to ITU-T X.682.

An alternative correction would be to change the type definitions to specify "ALGORITHM" in the invocation of the parameterized type AlgorithmIdentifier.

Report New Errata