RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

Found 3 records.

Status: Verified (2)

RFC 5996, "Internet Key Exchange Protocol Version 2 (IKEv2)", September 2010

Note: This RFC has been obsoleted by RFC 7296

Note: This RFC has been updated by RFC 5998, RFC 6989

Source of RFC: ipsecme (sec)

Errata ID: 2707
Status: Verified
Type: Technical
Publication Format(s) : TEXT

Reported By: Yaron Sheffer
Date Reported: 2011-02-06
Verifier Name: Sean Turner
Date Verified: 2011-03-26

Section 3.6 says:

[...] and also MUST be capable of being configured to send and accept the 
Hash and URL format (with HTTP URLs)

It should say:

[...] and also MUST be capable of being configured to send and accept the 
two Hash and URL formats (with HTTP URLs)

Notes:

This change from the original RFC 4306 text was made late in the process, responding to the Gen-Art reviewer comment. Factually, the document (earlier in the same section) defines two Hash and URL formats, making this sentence a clear inconsistency. The erratum is flagged as Technical because the text is normative.

Errata ID: 3036
Status: Verified
Type: Technical
Publication Format(s) : TEXT

Reported By: Valery Smyslov
Date Reported: 2011-11-26
Verifier Name: Sean Turner
Date Verified: 2011-11-27

Section 3.10 says:

      [...] Of the notifications defined in this document, the SPI is
      included only with INVALID_SELECTORS and REKEY_SA.


It should say:

      [...] Of the notifications defined in this document, the SPI is
      included only with INVALID_SELECTORS, REKEY_SA and CHILD_SA_NOT_FOUND.

Notes:

Original text was carried over from RFC4306 and contradicts with the text in section 2.25, which clearly says that SPI field in CHILD_SA_NOT_FOUND notification is populated. Notification CHILD_SA_NOT_FOUND was not defined in RFC4306, and the whole section 2.25 is new to RFC5996.

Status: Rejected (1)

RFC 5996, "Internet Key Exchange Protocol Version 2 (IKEv2)", September 2010

Note: This RFC has been obsoleted by RFC 7296

Note: This RFC has been updated by RFC 5998, RFC 6989

Source of RFC: ipsecme (sec)

Errata ID: 3718
Status: Rejected
Type: Technical
Publication Format(s) : TEXT

Reported By: Gerald Smith
Date Reported: 2013-09-04
Rejected by: Stephen Farrell
Date Rejected: 2014-06-03

Section 3.15.3 says:

A client can be assigned an IPv6 address using the
INTERNAL_IP6_ADDRESS Configuration payload. A minimal exchange might
look like this:

CP(CFG_REQUEST) =
INTERNAL_IP6_ADDRESS()
INTERNAL_IP6_DNS()
TSi = (0, 0-65535, :: - FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF)
TSr = (0, 0-65535, :: - FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF)

CP(CFG_REPLY) =
INTERNAL_IP6_ADDRESS(2001:DB8:0:1:2:3:4:5/64)
INTERNAL_IP6_DNS(2001:DB8:99:88:77:66:55:44)
TSi = (0, 0-65535, 2001:DB8:0:1:2:3:4:5 - 2001:DB8:0:1:2:3:4:5)
TSr = (0, 0-65535, :: - FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF)

It should say:

CP(CFG_REPLY) =
INTERNAL_IP6_ADDRESS(2001:DB8:0:1:2:3:4:5/64)
INTERNAL_IP6_DNS(2001:DB8:99:88:77:66:55:44)
TSi = (0, 0-65535, 2001:DB8:0:1:2:3:4:5 - 2001:DB8:0:1:2:3:4:5)
TSr = (0, 0-65535, 2001:DB8:0:1:: - 2001:DB8:0:1:FFFF:FFFF:FFFF:FFFF)

Notes:

The INTERNAL_IP6_ADDRESS returned in the CFG_REPLY is a 64 bit subnet, but the TSr returned in the CFG_REPLY shows a 0 bit subnet instead of the 64 bit subnet.

Kathleen told me to reject this! (Based on ipsecme list discussion.)
--VERIFIER NOTES--
Kathleen told me to!

Report New Errata



Advanced Search