RFC Errata


Errata Search
 
Source of RFC  
Summary Table Full Records

Found 2 records.

Status: Reported (2)

RFC 9594, "Key Provisioning for Group Communication Using Authentication and Authorization for Constrained Environments (ACE)", September 2024

Source of RFC: ace (sec)

Errata ID: 8239
Status: Reported
Type: Technical
Publication Format(s) : HTML
Reported By: Marco Tiloca
Date Reported: 2025-01-03

Section 4.4.1.1 says: 

Payload (in CBOR diagnostic notation):
{
  / creds /            13: [h'a2026008a101a5010202410320012158

It should say:

Payload (in CBOR diagnostic notation):
{
  / num /               9: 12,
  / creds /            13: [h'a2026008a101a5010202410320012158

Notes:

The reported Figure 17 shows an example of 2.05 (Content) response to a FETCH request sent to the resource /ace-group/GROUPNAME/creds at the KDC.

In that example, the parameter 'num' is missing in the response, while the parameter has to be included according to the format of that response as defined in Section 4.4.1, i.e.:

> If all verifications succeed, the handler returns a 2.05 (Content) message response with the payload formatted as a CBOR map, containing only the following parameters from Section 4.3.1.
>
> * 'num': encoding the version number of the current group keying material.
> * 'creds': encoding the list of authentication credentials of the selected group members.
> * 'peer_roles': encoding the role(s) that each of the selected group members has in the group. This parameter SHOULD be present, and it MAY be omitted according to the same criteria defined for the Join Response (see Section 4.3.1).
> * 'peer_identifiers': encoding the node identifier that each of the selected group members has in the group.

Errata ID: 8864
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Marco Tiloca
Date Reported: 2026-04-01

Section 4.4.1 says: 

      -  The arrays 'role_filter' and 'id_filter' MUST NOT both be
         empty, i.e., in CDDL notation: [ bool, [ ], [ ] ].  If the
         'get_creds' parameter has such a format, the request MUST be
         considered malformed, and the KDC MUST reply with a 4.00 (Bad
         Request) error response.

It should say:

      -  The arrays 'role_filter' and 'id_filter' MUST NOT both be
         empty, i.e., in CBOR diagnostic notation: [ true, [ ], [ ] ]
         or [ false, [ ], [ ] ].  If the 'get_creds' parameter has such
         a format, the request MUST be considered malformed, and the
         KDC MUST reply with a 4.00 (Bad Request) error response.

Notes:

In the original text, the CDDL notation is not valid CDDL, but rather a hybrid of CDDL and CBOR diagnostic notation.

The new text uses the intended and valid CBOR diagnostic notation, separately covering the two cases where the first element of the outer array is true or false.

Report New Errata



Advanced Search