[Curdle] [Errata Held for Document Update] RFC8410 (5696)

RFC Errata System <rfc-editor@rfc-editor.org> Mon, 25 April 2022 20:22 UTC

To: LIJUN.LIAO@HUAWEI.COM, simon@josefsson.org, ietf@augustcellars.com
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: rdd@cert.org, iesg@ietf.org, curdle@ietf.org, rfc-editor@rfc-editor.org
Date: Mon, 25 Apr 2022 13:22:43 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/ijPl6BZ2mD2_f3J_F49rSRWbWro>
Subject: [Curdle] [Errata Held for Document Update] RFC8410 (5696)

The following errata report has been held for document update 
for RFC8410, "Algorithm Identifiers for Ed25519, Ed448, X25519, and X448 for Use in the Internet X.509 Public Key Infrastructure". 

--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid5696

--------------------------------------
Status: Held for Document Update
Type: Technical

Reported by: Lijun Liao <LIJUN.LIAO@HUAWEI.COM>
Date Reported: 2019-04-17
Held by: Roman Danyliw (IESG)

Section: 5

Original Text
-------------
   If the keyUsage extension is present in a certification authority
   certificate that indicates id-Ed25519 or id-Ed448, then the keyUsage
   extension MUST contain one or more of the following values:

          nonRepudiation;
          digitalSignature;
          keyCertSign; and
          cRLSign.

Corrected Text
--------------
   If the keyUsage extension is present in a certification authority
   certificate that indicates id-Ed25519 or id-Ed448, then the keyUsage
   extension MUST contain keyCertSign, and zero, one or more of the
   following values:

          nonRepudiation;
          digitalSignature; and
          cRLSign.

Notes
-----
The usage keyCertSign must be set in a CA certificate.

--------------------------------------
RFC8410 (draft-ietf-curdle-pkix-10)
--------------------------------------
Title               : Algorithm Identifiers for Ed25519, Ed448, X25519, and X448 for Use in the Internet X.509 Public Key Infrastructure
Publication Date    : August 2018
Author(s)           : S. Josefsson, J. Schaad
Category            : PROPOSED STANDARD
Source              : CURves, Deprecating and a Little more Encryption
Area                : Security
Stream              : IETF
Verifying Party     : IESG
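
Added example, not part of the erratum or of RFC 8410: a Python check that decodes a keyUsage BIT STRING and evaluates it against both the original and the corrected Section 5 text, showing a value that passes the former but fails the latter. It assumes the caller has already established that the certificate is a CA certificate indicating id-Ed25519 or id-Ed448 and has extracted the extension value; the function names, the sample bytes, and the strict reading that rejects values outside the listed set are assumptions of this example.

```python
# Bit positions of KeyUsage as defined in RFC 5280 section 4.2.1.3.
KEY_USAGE_BITS = ["digitalSignature", "nonRepudiation", "keyEncipherment",
                  "dataEncipherment", "keyAgreement", "keyCertSign", "cRLSign",
                  "encipherOnly", "decipherOnly"]
LISTED = {"nonRepudiation", "digitalSignature", "keyCertSign", "cRLSign"}

def parse_key_usage(der: bytes) -> set:
    """Decode the DER BIT STRING carried in the keyUsage extnValue."""
    if len(der) < 4 or der[0] != 0x03:
        raise ValueError("not a non-empty DER BIT STRING")
    length, unused, body = der[1], der[2], der[3:]
    if length >= 0x80 or length != len(body) + 1 or unused > 7:
        raise ValueError("malformed BIT STRING header")
    if body[-1] & ((1 << unused) - 1):
        raise ValueError("unused bits must be zero in DER")
    names = set()
    for i, name in enumerate(KEY_USAGE_BITS):
        byte, bit = divmod(i, 8)          # bit 0 is the MSB of the first byte
        if byte < len(body) and body[byte] & (0x80 >> bit):
            names.add(name)
    return names

def check_original(usages: set) -> bool:
    """Section 5 as published: one or more of the four listed values."""
    return bool(usages & LISTED)

def check_corrected(usages: set) -> list:
    """Corrected text of erratum 5696; returns a list of findings."""
    findings = []
    if "keyCertSign" not in usages:
        findings.append("keyCertSign missing")
    extra = sorted(usages - LISTED)
    if extra:  # assumption: strict reading, only the listed values are allowed
        findings.append("values outside the listed set: " + ", ".join(extra))
    return findings

# Constructed samples: keyUsage extnValue bytes for three CA certificates.
SAMPLES = {
    "sig-only": bytes.fromhex("03020780"),       # digitalSignature
    "typical-ca": bytes.fromhex("03020106"),     # keyCertSign, cRLSign
    "ca-plus-agree": bytes.fromhex("0302010e"),  # keyAgreement, keyCertSign, cRLSign
}

if __name__ == "__main__":
    for label, der in SAMPLES.items():
        u = parse_key_usage(der)
        print(label, sorted(u), check_original(u), check_corrected(u))
```
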