RFC Errata
Found 3 records.
Status: Verified (2)
RFC 7292, "PKCS #12: Personal Information Exchange Syntax v1.1", July 2014
Source of RFC: IETF - NON WORKING GROUPArea Assignment: sec
Errata ID: 4356
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Will Bond
Date Reported: 2015-05-05
Verifier Name: Stephen Farrell
Date Verified: 2016-10-12
Appendix B.2 says:
6. For i=1, 2, ..., c, do the following:
A. Set A2=H^r(D||I). (i.e., the r-th hash of D||1,
H(H(H(... H(D||I))))
B. Concatenate copies of Ai to create a string B of length v
bits (the final copy of Ai may be truncated to create B).
It should say:
6. For i=1, 2, ..., c, do the following:
A. Set A_i=H^r(D||I). (i.e., the r-th hash of D||I,
H(H(H(... H(D||I))))
B. Concatenate copies of A_i to create a string B of length v
bits (the final copy of A_i may be truncated to create B).
Notes:
Step 6A explains a number of rounds of hashing D concatenated with I, however the i.e. clause shows concatenating D with 1 in one place. Also, Step 6A has been changed from "A2" to "A_i", and Step 6B has been changed from "Ai" to "A_i".
[David Thompson sent additional corrections, which have been incorporated above.]
Errata ID: 5795
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Russ Housley
Date Reported: 2019-07-28
Verifier Name: Benjamin Kaduk
Date Verified: 2019-08-01
Section Appendix C says:
pkcs-12PbeParams ::= SEQUENCE {
salt OCTET STRING,
iterations INTEGER
}
It should say:
Pkcs-12PbeParams ::= SEQUENCE {
salt OCTET STRING,
iterations INTEGER
}
Notes:
ASN.1 types must begin with a capital letter.
This might have been caught earlier if the parameters structure were included in the ASN.1 module, which is part of Appendix D.
Status: Reported (1)
RFC 7292, "PKCS #12: Personal Information Exchange Syntax v1.1", July 2014
Source of RFC: IETF - NON WORKING GROUPArea Assignment: sec
Errata ID: 4832
Status: Reported
Type: Editorial
Publication Format(s) : TEXT
Reported By: Jim Wigginton
Date Reported: 2016-10-15
Section B.4 says:
pbeWithSHAAnd128BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 1}
pbeWithSHAAnd40BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 2}
pbeWithSHAAnd3-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3}
pbeWithSHAAnd2-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 4}
pbeWithSHAAnd128BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 5}
pbewithSHAAnd40BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 6}
It should say:
pbeWithSHAAnd128BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 1}
pbeWithSHAAnd40BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 2}
pbeWithSHAAnd3-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3}
pbeWithSHAAnd2-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 4}
pbeWithSHAAnd128BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 5}
pbeWithSHAAnd40BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 6}
Notes:
All the other OID names have a camelcase With. The last one, however (pbewithSHAAnd40BitRC2-CBC), has a lowercase with.
