RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

Found 4 records.

Status: Verified (3)

RFC 6402, "Certificate Management over CMS (CMC) Updates", November 2011

Source of RFC: pkix (sec)

Errata ID: 3860
Status: Verified
Type: Technical
Publication Format(s) : TEXT

Reported By: Russ Housley
Date Reported: 2014-01-05
Verifier Name: Sean Turner
Date Verified: 2014-01-06

Section Appendix A says:

   EnrollmentMessageSyntax-2011-v88
    { iso(1) identified-organization(3) dod(6) internet(1)
      security(5) mechanisms(5) pkix(7) id-mod(0)
      id-mod-enrollMsgSyntax-2011-88(76) }

It should say:

   EnrollmentMessageSyntax-2011-v88
    { iso(1) identified-organization(3) dod(6) internet(1)
      security(5) mechanisms(5) pkix(7) id-mod(0)
      id-mod-enrollMsgSyntax-2011-88(75) }

Notes:

The ASN.1 modules in Appendix A.1 and Appendix A.2 use the same module identifier. This correction fixes this situation, and aligns with the module identifiers assignments.

Errata ID: 5931
Status: Verified
Type: Technical
Publication Format(s) : TEXT

Reported By: Russ Housley
Date Reported: 2019-12-07
Verifier Name: Benjamin Kaduk
Date Verified: 2019-12-11

Section Appendix A.1 says:

    id-kp-cmcCA OBJECT IDENTIFIER ::= { id-kp 27 }
    id-kp-cmcRA OBJECT IDENTIFIER ::= { id-kp 28 }
    id-kp-cmcArchive OBJECT IDENTIFIER ::= { id-kp 28 }

It should say:

    id-kp-cmcCA OBJECT IDENTIFIER ::= { id-kp 27 }
    id-kp-cmcRA OBJECT IDENTIFIER ::= { id-kp 28 }
    id-kp-cmcArchive OBJECT IDENTIFIER ::= { id-kp 29 }

Notes:

id-kp-cmcRA and id-kp-cmcArchive are supposed to be different values. This change matches what is already in Appendix A.2.

Errata ID: 6571
Status: Verified
Type: Technical
Publication Format(s) : TEXT

Reported By: Russ Housley
Date Reported: 2021-05-04
Verifier Name: Roman Danyliw
Date Verified: 2022-05-10

Section Appendix A.1 says:

         pendInfo               PendInfo,
         extendedFailInfo       SEQUENCE {

It should say:

         pendInfo               PendInfo,
         extendedFailInfo       [1] SEQUENCE {

Notes:

The ASN.1 module will not compile properly without a tag on one of these elements. The ASN.1 module in Appendix A.2 has a tag in this spot.

Status: Held for Document Update (1)

RFC 6402, "Certificate Management over CMS (CMC) Updates", November 2011

Source of RFC: pkix (sec)

Errata ID: 3943
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT

Reported By: Jim Schaad
Date Reported: 2014-04-02
Held for Document Update by: Benjamin Kaduk
Date Held: 2019-12-16

Section 2.8, says:

      ChangeSubjectName ::= SEQUENCE {
          subject             Name OPTIONAL,
          subjectAlt          SubjectAltName OPTIONAL
      }
      (WITH COMPONENTS {..., subject PRESENT} |
            COMPONENTS {..., subjectAlt PRESENT} )

It should say:

      ChangeSubjectName ::= SEQUENCE {
          subject             Name OPTIONAL,
          subjectAlt          [1] SubjectAltName OPTIONAL
      }
      (WITH COMPONENTS {..., subject PRESENT} |
            COMPONENTS {..., subjectAlt PRESENT} )

Notes:

Both Name and SubjectAltName use the same tag (SEQUENCE) so it is not possible to distinguish between the two fields without having a tag on one of them. This fix adds an (arbitrarily chosen) tag so that it is possible to differentiate the two fields.

Report New Errata



Advanced Search