Re: [Technical Errata Reported] RFC8188 (8620)
Patrick Barrett <patrick@psbarrett.com> Wed, 26 November 2025 06:47 UTC
Received: by mail2.ietf.org (Postfix) id 93F9D90D94FA; Tue, 25 Nov 2025 22:47:04 -0800 (PST)
Delivered-To: ietfarch-httpbisa-archive-bis2juki@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 9290590D94F9 for <ietfarch-httpbisa-archive-bis2Juki@mail2.ietf.org>; Tue, 25 Nov 2025 22:47:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -5.284
X-Spam-Level:
X-Spam-Status: No, score=-5.284 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.017, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=w3.org header.b="LopJxebW"; dkim=pass (2048-bit key) header.d=w3.org header.b="B4x8ggwl"; dkim=pass (2048-bit key) header.d=w3.org header.b="LopJxebW"; dkim=pass (2048-bit key) header.d=w3.org header.b="CpnlQtW1"; dkim=neutral (2048-bit key) reason="invalid (signature is expired)" header.d=psbarrett.com header.b="LKYshzcV"; dkim=neutral (2048-bit key) reason="invalid (signature is expired)" header.d=messagingengine.com header.b="UbXPR1k0"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z_Pnnb0uyeLi for <ietfarch-httpbisa-archive-bis2Juki@mail2.ietf.org>; Tue, 25 Nov 2025 22:47:02 -0800 (PST)
Received: from mab.w3.org (mab.w3.org [IPv6:2600:1f18:7d7a:2700:d091:4b25:8566:8113]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id A7E3A90D92C1 for <httpbisa-archive-bis2Juki@ietf.org>; Tue, 25 Nov 2025 22:46:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Subject:Content-Type:References:In-Reply-To:Message-Id:Cc:To:From: Date:MIME-Version:Reply-To; bh=1VsQ89JAmHooiXLw8POUg6nMbpYzodt7UUZZnZtxjUU=; b=LopJxebWEqyVR4HPxfqVQxgmwBzF4RVbjbDQf3K3vmsGce4F9B+ja06YekGyAn4LCYXUXHeNbjy aHezWy8EuJponNQ+HzAoxKMGEvWyDaundczvXgorKzg82sihHMlOvy+ODlSuwqXG0TOB/CgyT2fFC iuewmp7svqbj3z+A//hpmxusouG8xj2R302eJ2xMi3DV/f8BT0oPksoitYFG1uEAnvgU8Or9r2MIN sX4lTwMUK+Vfc0KuNITi3RKkFqtOiXir2L9LUJ+HSoLXRLMJtDE4hiNqsSR0/Jr61bfUPmFzTfccg aO5D63KxJkkcyETPch98S5wy/3Ht2Rk0NdlQ==;
Received: from lists by mab.w3.org with local (Exim 4.96) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1vO9H8-001fna-0N for ietf-http-wg-dist@listhub.w3.org; Wed, 26 Nov 2025 06:45:14 +0000
Resent-Message-Id: <E1vO9H8-001fna-0N@mab.w3.org>
Received: from ip-10-0-0-224.ec2.internal ([10.0.0.224] helo=puck.w3.org) by mab.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from <sysbot+mod@w3.org>) id 1vO9Gw-001fgR-1D for ietf-http-wg@listhub.w3.internal; Wed, 26 Nov 2025 06:45:02 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Subject:Content-Type:References:In-Reply-To:Message-Id:Cc:To:From: Date:MIME-Version:Reply-To; bh=1VsQ89JAmHooiXLw8POUg6nMbpYzodt7UUZZnZtxjUU=; t=1764139502; x=1765003502; b=B4x8ggwlECHPD273G4xDtquOebO9GJ9VCyvLsFG0Lv4LbBk JQecXdH8wb75y8UqMlxvXeVnzw9vWw766PauqLEF5RVZo0Mb1uCQu1T8cwYs4W4fCY3sh5ApT2Zeb XIBrBze5VxsrpcYfWCIILn9A6zhl3T6YiREkZDNyBDLrwxFx8nswmNHmBnIExa+n6l8d1ceq/8nFP /Cg29x4wauNA70mZFec+ysrPcSJfZGxCk9ikeQJk5PdbrQxXY8M5sMf7L+5dK9icab8Qc9U+iN2d1 VklItWfIugzfrqjwlZYjXgDTTVITcIREbvAj42pZVf0CyXA57zPQ+z6roQd8rSgg==;
Received: from mab.w3.org ([2600:1f18:7d7a:2700:d091:4b25:8566:8113]) by puck.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from <sysbot+mod@w3.org>) id 1vO9Gw-001ykU-0r for ietf-http-wg@w3.org; Wed, 26 Nov 2025 06:45:02 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Subject:Content-Type:References:In-Reply-To:Message-Id:Cc:To:From: Date:MIME-Version:Reply-To; bh=1VsQ89JAmHooiXLw8POUg6nMbpYzodt7UUZZnZtxjUU=; b=LopJxebWEqyVR4HPxfqVQxgmwBzF4RVbjbDQf3K3vmsGce4F9B+ja06YekGyAn4LCYXUXHeNbjy aHezWy8EuJponNQ+HzAoxKMGEvWyDaundczvXgorKzg82sihHMlOvy+ODlSuwqXG0TOB/CgyT2fFC iuewmp7svqbj3z+A//hpmxusouG8xj2R302eJ2xMi3DV/f8BT0oPksoitYFG1uEAnvgU8Or9r2MIN sX4lTwMUK+Vfc0KuNITi3RKkFqtOiXir2L9LUJ+HSoLXRLMJtDE4hiNqsSR0/Jr61bfUPmFzTfccg aO5D63KxJkkcyETPch98S5wy/3Ht2Rk0NdlQ==;
Received: from www-data by mab.w3.org with local (Exim 4.96) (envelope-from <sysbot+mod@w3.org>) id 1vO9Gw-001fg6-0S for ietf-http-wg@w3.org; Wed, 26 Nov 2025 06:45:02 +0000
Resent-From: List moderator <sysbot+mod@w3.org>
Resent-Date: Wed, 26 Nov 2025 06:45:02 +0000
Received: from ip-10-0-0-144.ec2.internal ([10.0.0.144] helo=pan.w3.org) by mab.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from <patrick@psbarrett.com>) id 1vMTgI-008bTH-1v for ietf-http-wg@listhub.w3.internal; Fri, 21 Nov 2025 16:08:18 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Content-Type:Subject:References:In-Reply-To:Message-Id:Cc:To:From: Date:MIME-Version:Reply-To; bh=1VsQ89JAmHooiXLw8POUg6nMbpYzodt7UUZZnZtxjUU=; t=1763741298; x=1764605298; b=CpnlQtW1n5xdwlet5dmZWUo1To+3xV9H05c/nNd6zt4Cesj JkldQxIHILDm8M5yjC6n+QtrhhTRd9LO/DKhdMfzVGdYtcHX6Ar4EOB5jpNYoiaOTqO+/lOtd7cHz OCKdDcvwnPfhtEr79NnZHJUFC/51gy2L0K5OcLlOF7Adh8j02ei9HbUdHCt1o0PZSWlo76IifuiEZ GknRfXPXj7Cq8WZvzCflPN0PVIZAuqbmnwF2pX/tOeZrUapP/J+STLy/ZI0YdtohXhIQ3xxFpNwKL 4RAbCWKYLpiB5w0xkk6c4+RLM6EPY+6Yowrt/9SenLaQzDs+wJ7uK83/kvSXzoqQ==;
Received-SPF: pass (pan.w3.org: domain of psbarrett.com designates 103.168.172.150 as permitted sender) client-ip=103.168.172.150; envelope-from=patrick@psbarrett.com; helo=fout-a7-smtp.messagingengine.com;
Received: from fout-a7-smtp.messagingengine.com ([103.168.172.150]) by pan.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from <patrick@psbarrett.com>) id 1vMTgH-001JrM-2K for ietf-http-wg@w3.org; Fri, 21 Nov 2025 16:08:18 +0000
Received: from phl-compute-02.internal (phl-compute-02.internal [10.202.2.42]) by mailfout.phl.internal (Postfix) with ESMTP id 6A982EC01FE; Fri, 21 Nov 2025 11:08:14 -0500 (EST)
Received: from phl-imap-14 ([10.202.2.87]) by phl-compute-02.internal (MEProxy); Fri, 21 Nov 2025 11:08:14 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=psbarrett.com; h=cc:cc:content-transfer-encoding:content-type:content-type :date:date:from:from:in-reply-to:in-reply-to:message-id :mime-version:references:reply-to:subject:subject:to:to; s=fm3; t=1763741294; x=1763827694; bh=1VsQ89JAmHooiXLw8POUg6nMbpYzodt7 UUZZnZtxjUU=; b=LKYshzcVSaR7N477k1ucM7hBai50OVj4Q3LD7XrSYseZLhSr soPZ+DM8YU4J353SSdORrQ3WHFLdaIbpha+HgF6YO9WIzsqD0HkrlAzdhKCBNaYJ +TVeghI46w3HOK9XL3+EBTTO1y1/rMzLWHxaWkpIlRqtPE7smmr2H9KR0dfxxVJM i99CcsqoxZskml/QtLN+9vrt+oUXv+vPoPgEgCqFJoc9u1ao8P9SnxtKZXFy8tJ4 UAoKNrOZ/DAuM9VtMBTHo1Jg/d2/ctCZtbKml/W87oSjOJFOnnL1mdW9GhMz40Ez 5pdFERepsGc8Ru8Z2PoUYTlO83aQoi4Y/aSJeQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1763741294; x= 1763827694; bh=1VsQ89JAmHooiXLw8POUg6nMbpYzodt7UUZZnZtxjUU=; b=U bXPR1k0BZzlcsPH7o4nNzmIzaP4Ooxcu20ody7R3NGSu2q9RtekBFA02R4UXp5AI GL7paEyVs9X8zoDpBN++WAN9d2KnnIipT35woIYXn6rJZLWG42qWotmk6JP5Lzdw lnAkA487DN/IUrJTVMV6zI0eGqUp8a2J+vNM5HA3CUNSDNMR/ZhrJ81UlBOJeLYv JWQh7z/1KWa9kG+T1Jh7Dwu2QHCNu10ZkFrfVcTLIEgOklX8WgycYqkmc3BB6jxM 92U/l94NxO5bPWD/TF6KUUbqBEdrV7mqEyImYS64wdNPC/WrNDsQOSckW51S+5OF 9rsXj0eJhVC/xMzGt8t1A==
X-ME-Sender: <xms:bo4gaTVBTKWh3SOxxvgqb9KC5eCPxY7uTpSBXFn7xWukI0CCV7gyYA> <xme:bo4gaWY1eNIWfsioOPjltmHAY5H_vds2QAGsxz3X5OWgSQeqOKKVbRLQsBSvRuNNk PEln55WYyPwyPSk7Efk4mDO54fAIF6dFKvTV0iJdPPfV-dlBfjl0CQ>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeffedrtdeggddvfedtgedtucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfurfetoffkrfgpnffqhgenuceu rghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmnecujf gurhepofggfffhvfevkfgjfhfutgfgsehtjeertdertddtnecuhfhrohhmpedfrfgrthhr ihgtkhcuuegrrhhrvghtthdfuceophgrthhrihgtkhesphhssggrrhhrvghtthdrtghomh eqnecuggftrfgrthhtvghrnhepgeekveehudeuheetgeevtdfgjeetfeeufeeihfdvlefg gfegfffhuedvvefffedtnecuffhomhgrihhnpehgihhthhhusgdrtghomhdprhhftgdqvg guihhtohhrrdhorhhgnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghi lhhfrhhomhepphgrthhrihgtkhesphhssggrrhhrvghtthdrtghomhdpnhgspghrtghpth htohepjedpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepthhprghulhihsegrphhp lhgvrdgtohhmpdhrtghpthhtohepmhgrrhhtihhnrdhthhhomhhsohhnsehgmhgrihhlrd gtohhmpdhrtghpthhtohephhhtthhpsghishdqrggushesihgvthhfrdhorhhgpdhrtghp thhtohepmhhtsehlohifvghnthhrohhphidrnhgvthdprhgtphhtthhopehmnhhothesmh hnohhtrdhnvghtpdhrtghpthhtoheprhhftgdqvgguihhtohhrsehrfhgtqdgvughithho rhdrohhrghdprhgtphhtthhopehivghtfhdqhhhtthhpqdifghesfiefrdhorhhg
X-ME-Proxy: <xmx:bo4gaS7SU4HzwSPxYIt681plKuvNcqUG6mmtnC6nNyc6cBzXdTHckw> <xmx:bo4gaeLVuwTV7KnHgDA9gbi5u4pO_DBJ1m6qCElzbrEPMJ-lvQz-Lg> <xmx:bo4gaTv5vtkjkTep4OINb0E28vtVihttjda38-JWPXFr9P2uWTSa3A> <xmx:bo4gaVKOTsUIamI4D2k3b27PtRI5-tTXBRIPUeIJFwCl7-A6WtAkJA> <xmx:bo4gaabyvMnJHFeqr9fBPxGCJT3bZrggP65WXuGjTEMOlMNesCRSLu7p>
Feedback-ID: i5e114242:Fastmail
Received: by mailuser.phl.internal (Postfix, from userid 501) id EAD35C40063; Fri, 21 Nov 2025 11:08:13 -0500 (EST)
X-Mailer: MessagingEngine.com Webmail Interface
MIME-Version: 1.0
X-ThreadId: Axp4s6a0EFfg
Date: Fri, 21 Nov 2025 10:07:35 -0600
From: Patrick Barrett <patrick@psbarrett.com>
To: Martin Thomson <mt@lowentropy.net>, rfc-editor <rfc-editor@rfc-editor.org>, Martin Thomson <martin.thomson@gmail.com>, httpbis-ads@ietf.org, Mark Nottingham <mnot@mnot.net>, Tommy Pauly <tpauly@apple.com>
Cc: ietf-http-wg@w3.org
Message-Id: <699efda9-8a3e-4b2c-b998-5a4a8c0bfa97@app.fastmail.com>
In-Reply-To: <09a69d4f-4d72-4af6-b1a3-be59d3eb3cbb@betaapp.fastmail.com>
References: <20251030202053.D668CC000BCA@rfcpa.rfc-editor.org> <09a69d4f-4d72-4af6-b1a3-be59d3eb3cbb@betaapp.fastmail.com>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-W3C-Hub-DKIM-Status: validation passed: (address=patrick@psbarrett.com domain=psbarrett.com), signature is good
X-W3C-Hub-DKIM-Status: validation passed: (address=patrick@psbarrett.com domain=messagingengine.com), signature is good
X-W3C-Hub-Spam-Status: No, score=-1.8
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, DMARC_MISSING=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_NW=1
X-W3C-Scan-Sig: pan.w3.org 1vMTgH-001JrM-2K 31b5e5487296eaa6f89019210baedc87
X-caa-id: 5ba530c9fd
X-Original-To: ietf-http-wg@w3.org
Subject: Re: [Technical Errata Reported] RFC8188 (8620)
Archived-At: <https://www.w3.org/mid/699efda9-8a3e-4b2c-b998-5a4a8c0bfa97@app.fastmail.com>
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/53571
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/email/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Shoot, you are definitely correct.
I've figured out where my misunderstanding came from. While debugging an actual issue in my implementation I switched the 'encrypted data' from the string "I am the walrus" from the text to the value decoded from the 'unencrypted data' ("SSBhbSB0aGUgd2FscnVzAg") not realizing that the latter had the the padding delimiter added.
I realize that 'data' is probably being used as a generic term, but I'd suggest that the 'unencrypted data' in the intermediate values section could have the padding delimiter removed to match how the word is used in the text above or have the name changed to 'unencrypted record' to be more clear about what data it is referring to.
On Thu, Nov 20, 2025, at 16:45, Martin Thomson wrote:
> I've taken a look at this, which meant re-learning how this works.
>
> The examples are produced and checked by this script:
> https://github.com/web-push-libs/encrypted-content-encoding/blob/d2d3a156d4d8b5e51b2cb5cda07d88157b4c34e3/nodejs/test.js#L320
>
> You can run that with: ECE_KEYLOG=1 node test.js aes128gcm verbose checkExamples
>
> You can see that the ciphertext is produced from the 15 bytes of
> plaintext and a single byte of padding, which is the byte 0x02 (printed
> in the output as "Ag").
>
> The alternative that is presented here has *two* 0x02 bytes at the end:
>
> 00000000: 4920 616d 2074 6865 2077 616c 7275 7302 I am the walrus.
> 00000010: 02 .
>
> I suggest that we REJECT this erratum.
>
> On Fri, Oct 31, 2025, at 07:20, RFC Errata System wrote:
>> The following errata report has been submitted for RFC8188,
>> "Encrypted Content-Encoding for HTTP".
>>
>> --------------------------------------
>> You may review the report below and at:
>> https://www.rfc-editor.org/errata/eid8620
>>
>> --------------------------------------
>> Type: Technical
>> Reported by: Patrick Barrett <patrick@psbarrett.com>
>>
>> Section: 3.1
>>
>> Original Text
>> -------------
>> The encrypted data in this example is the UTF-8-encoded string "I am
>> the walrus". The input-keying material is the value "yqdlZ-
>> tYemfogSmv7Ws5PQ" (in base64url). The 54-octet content body contains
>> a single record and is shown here using 71 base64url characters for
>> presentation reasons.
>>
>> HTTP/1.1 200 OK
>> Content-Type: application/octet-stream
>> Content-Length: 54
>> Content-Encoding: aes128gcm
>>
>> I1BsxtFttlv3u_Oo94xnmwAAEAAA-NAVub2qFgBEuQKRapoZu-IxkIva3MEB1PD-
>> ly8Thjg
>>
>> Corrected Text
>> --------------
>> The encrypted data in this example is the UTF-8-encoded string "I am
>> the walrus". The input-keying material is the value "yqdlZ-
>> tYemfogSmv7Ws5PQ" (in base64url). The 54-octet content body contains
>> a single record and is shown here using 72 base64url characters for
>> presentation reasons.
>>
>> HTTP/1.1 200 OK
>> Content-Type: application/octet-stream
>> Content-Length: 54
>> Content-Encoding: aes128gcm
>>
>> I1BsxtFttlv3u_Oo94xnmwAAEAAA-NAVub2qFgBEuQKRapoZu_ul1ATXXzhZ8IY
>> 2l5S6w8cG
>>
>> Notes
>> -----
>> The example is missing the padding delimiter octet.
>>
>> The paragraph directly above this explicitly says it should have it.
>>
>>> [...] This uses a
>>> record size of 4096 octets and no padding (just the single-octet
>>> padding delimiter), so only a partial record is present.
>>
>> Also, without that the delimiter, the body is only 53 octets, not the
>> 54 the description says it should be.
>>
>> Instructions:
>> -------------
>> This erratum is currently posted as "Reported". (If it is spam, it
>> will be removed shortly by the RFC Production Center.) Please
>> use "Reply All" to discuss whether it should be verified or
>> rejected. When a decision is reached, the verifying party
>> will log in to change the status and edit the report, if necessary.
>>
>> --------------------------------------
>> RFC8188 (draft-ietf-httpbis-encryption-encoding-09)
>> --------------------------------------
>> Title : Encrypted Content-Encoding for HTTP
>> Publication Date : June 2017
>> Author(s) : M. Thomson
>> Category : PROPOSED STANDARD
>> Source : HTTP
>> Stream : IETF
>> Verifying Party : IESG
- [Technical Errata Reported] RFC8188 (8620) RFC Errata System
- Re: [Technical Errata Reported] RFC8188 (8620) Martin Thomson
- Re: [Technical Errata Reported] RFC8188 (8620) Patrick Barrett