Re: [Technical Errata Reported] RFC8188 (8620)
Martin Thomson <mt@lowentropy.net> Thu, 20 November 2025 22:55 UTC
Received: by mail2.ietf.org (Postfix) id A46888D95873; Thu, 20 Nov 2025 14:55:57 -0800 (PST)
Delivered-To: ietfarch-httpbisa-archive-bis2juki@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id A30BC8D95872 for <ietfarch-httpbisa-archive-bis2Juki@mail2.ietf.org>; Thu, 20 Nov 2025 14:55:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -5.384
X-Spam-Level:
X-Spam-Status: No, score=-5.384 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.017, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=w3.org header.b="fwqOC0/l"; dkim=pass (2048-bit key) header.d=w3.org header.b="hnIOKPmx"; dkim=pass (2048-bit key) header.d=lowentropy.net header.b="VzbVVxW/"; dkim=pass (2048-bit key) header.d=messagingengine.com header.b="c2zbwWQM"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iCM-uUn3SbSx for <ietfarch-httpbisa-archive-bis2Juki@mail2.ietf.org>; Thu, 20 Nov 2025 14:55:57 -0800 (PST)
Received: from mab.w3.org (mab.w3.org [IPv6:2600:1f18:7d7a:2700:d091:4b25:8566:8113]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id E24008D94F04 for <httpbisa-archive-bis2Juki@ietf.org>; Thu, 20 Nov 2025 14:46:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Subject:Content-Type:References:In-Reply-To:Message-Id:Cc:To:From: Date:MIME-Version:Reply-To; bh=nc4CMOOehaPa67fd9jw2ntCxuWgZSSbTrC+hg9tQIWU=; b=fwqOC0/l7mfKtaPSv+jf3947UCk7eHVLk0WVTteWK2ovH/lr1GkBf3VYY6OKYEyVVDtTiZ2L54f HAIH1a1z4B+ukx7bVtdQFRW0Nb00WKsgTSZaqfRoldl6/QDpzxr2Bdg27UkC3GpTxK0wbtsfwH12A c2zhxddOww/LyrrNz4v973XYSPmRzSSzhoJKye1mzaCoEoPbsVVt8JFpv7pGV6GoA3QW2bCs5a/lX uAUrPhfn4nosEBcQuLdwMBKBquu4Gc7uTIhmZ2XRzyz5prZsZaJwA2a4dKa5848KDgYfcBj8iTafj 4Td17ZLka6Tgokwl30GhZnx/jfzkKDpUe1yg==;
Received: from lists by mab.w3.org with local (Exim 4.96) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1vMDPG-006JMp-0T for ietf-http-wg-dist@listhub.w3.org; Thu, 20 Nov 2025 22:45:38 +0000
Resent-Date: Thu, 20 Nov 2025 22:45:38 +0000
Resent-Message-Id: <E1vMDPG-006JMp-0T@mab.w3.org>
Received: from ip-10-0-0-224.ec2.internal ([10.0.0.224] helo=puck.w3.org) by mab.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from <mt@lowentropy.net>) id 1vMDPD-006JLv-37 for ietf-http-wg@listhub.w3.internal; Thu, 20 Nov 2025 22:45:36 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Content-Type:Subject:References:In-Reply-To:Message-Id:Cc:To:From: Date:MIME-Version:Reply-To; bh=nc4CMOOehaPa67fd9jw2ntCxuWgZSSbTrC+hg9tQIWU=; t=1763678735; x=1764542735; b=hnIOKPmxZ4hs23xfqswN+Y6vyJZPlo3c7UqBAWgBGAVrQKr go8lf4h40bXGZmKja0SCeCbGoalfJtFmT/u0od+LeoXdsjjFWLyqe09BuwydtmL+uBOgjbX1mMPHH R4uvou+PsyNNMTRorM7w1WMU7E48NvuTTr671FnOH9GpIMYfONMhnjNv/F6RtsmcYFe3KQagA03zs UdhURZhVLLJKYAPXxrOpJ72z1K3x1v1YPnpQgbw+3VYBM8yzhc88XJfqPEbYM6jJ4addDPU3CvshF 4HgPKL4jUkRGsWpHwgDdlpOmmEnIfMtexsa32h6kGrQ7C0yqMOSpI5/x+Cd0hghQ==;
Received-SPF: pass (puck.w3.org: domain of lowentropy.net designates 202.12.124.146 as permitted sender) client-ip=202.12.124.146; envelope-from=mt@lowentropy.net; helo=fout-b3-smtp.messagingengine.com;
Received: from fout-b3-smtp.messagingengine.com ([202.12.124.146]) by puck.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from <mt@lowentropy.net>) id 1vMDPD-000cUc-0V for ietf-http-wg@w3.org; Thu, 20 Nov 2025 22:45:35 +0000
Received: from phl-compute-04.internal (phl-compute-04.internal [10.202.2.44]) by mailfout.stl.internal (Postfix) with ESMTP id 8EF1D1D001C0; Thu, 20 Nov 2025 17:45:31 -0500 (EST)
Received: from phl-imap-15 ([10.202.2.104]) by phl-compute-04.internal (MEProxy); Thu, 20 Nov 2025 17:45:31 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=cc:cc:content-transfer-encoding:content-type:content-type :date:date:from:from:in-reply-to:in-reply-to:message-id :mime-version:references:reply-to:subject:subject:to:to; s=fm1; t=1763678731; x=1763765131; bh=nc4CMOOehaPa67fd9jw2ntCxuWgZSSbT rC+hg9tQIWU=; b=VzbVVxW/iwwf4Xsme1DwNu9O6JpUeA0Npuhi18GwkeqC1vNr D7N3HMuj/MfCcOKGqjxRq/YBnsPsz/+jj/bde+VYorm56gzYI7UTktnHrb8UXG9E MwJiCVkKq/NW9IQk1QnDVPOJIo2NAEGSRwsvq04ZVjaeySpH3RwMeInK1GaOiYMb zuUDuhRRHwQph9YTfW7MdNuu8hGVrmvLQckcJwC+TGeiQlrsS1ryKF9FlvY7oZTq 4Ai1IYc6oPlxVMnRybRyz2gt0qozMGLyKfSXP40wQgcesYl2uAwvJBUS474yQfT9 H0qFHJysigjgMZxvgde8CpDAeKo7fA09Q38A1Q==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1763678731; x= 1763765131; bh=nc4CMOOehaPa67fd9jw2ntCxuWgZSSbTrC+hg9tQIWU=; b=c 2zbwWQM5h9Q3YEAtHDnEngDAcsq/7gEUO8+W7bwpVATPteqU2I7ZIjSKreF4LAad EGVxYQs5JJHkvg8MbpSSyXDofi7bkZkT2xZce3rrozNoIbWRnZ5NDB0z1Uiq88ah 29lexRClYCOaYJ903tn1/z9SyIqw7SPxl5o2iuPkE2zIYrjoR11dQMNvPPALO2Yg 2kNVRXLZ8SQ89pprZo3EIPJMjtLj62xNXgMlarh0osseLB2nMrOfdmX+DQBNjqOl IcfDgnzMSN16ibtaIcAPet/gPzc42Zc3EHV2NuHocCnen8r6C+8KmyKm39zp3LI4 sFQOoAF8QQv96UHI4c7eA==
X-ME-Sender: <xms:CpofaRwJfsgcuoVPrWT4wjBxtzI6X0_alpLSeVqa8D1uaho23X17Zw> <xme:CpofacHcNyNXHzt9J4ZR1kY0U5bjnlLVCI0Lfbl__3Vz1TeL0gH5DAQTT47BxA6Xn xUVz0D8dblCiFP7x6pCaXB380ScrRJtZlNjyWQ1Kf7ZU7mugeTE>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeffedrtdeggddvvdekfedvucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfurfetoffkrfgpnffqhgenuceu rghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmnecujf gurhepofggfffhvfevkfgjfhfutgfgsehtjeertdertddtnecuhfhrohhmpedfofgrrhht ihhnucfvhhhomhhsohhnfdcuoehmtheslhhofigvnhhtrhhophihrdhnvghtqeenucggtf frrghtthgvrhhnpedvtddtkeehgeektdekvdefteelleeuleejleekveejveeuueeuhffh teettedvueenucffohhmrghinhepghhithhhuhgsrdgtohhmpdhrfhgtqdgvughithhorh drohhrghenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhm pehmtheslhhofigvnhhtrhhophihrdhnvghtpdhnsggprhgtphhtthhopeejpdhmohguvg epshhmthhpohhuthdprhgtphhtthhopehtphgruhhlhiesrghpphhlvgdrtghomhdprhgt phhtthhopehmrghrthhinhdrthhhohhmshhonhesghhmrghilhdrtghomhdprhgtphhtth hopehhthhtphgsihhsqdgrughssehivghtfhdrohhrghdprhgtphhtthhopehmnhhothes mhhnohhtrdhnvghtpdhrtghpthhtohepphgrthhrihgtkhesphhssggrrhhrvghtthdrtg homhdprhgtphhtthhopehrfhgtqdgvughithhorhesrhhftgdqvgguihhtohhrrdhorhhg pdhrtghpthhtohepihgvthhfqdhhthhtphdqfihgseiffedrohhrgh
X-ME-Proxy: <xmx:C5ofaeWsM9usVh-zA3B33Oc-ZH_uebQr0bZTK7hgz3dVu8SHxPIoJw> <xmx:C5ofac1fQLqfx1nFBePN0teZojmd-yxrCTG-Wm8w-l3XFcwY10sQYQ> <xmx:C5ofaUrUuiXmj5qTNduqrKhe6f0J0H-DDPttoKuJR1uOJRsTtWZxVg> <xmx:C5ofabVNLlo8-BUtLqn-ZjIyvvC9vmJJ_ye_gaFylaIej_DLpBBG6w> <xmx:C5ofaWH0yEk3ohU_zk8anupMCNGwNHQyK22W0VYSMCfZN8CtApIEUimh>
Feedback-ID: ic129442d:Fastmail
Received: by mailuser.phl.internal (Postfix, from userid 501) id E415F780070; Thu, 20 Nov 2025 17:45:30 -0500 (EST)
X-Mailer: MessagingEngine.com Webmail Interface
MIME-Version: 1.0
X-ThreadId: A23cnHnSn-8o
Date: Fri, 21 Nov 2025 09:45:10 +1100
From: Martin Thomson <mt@lowentropy.net>
To: rfc-editor <rfc-editor@rfc-editor.org>, Martin Thomson <martin.thomson@gmail.com>, httpbis-ads@ietf.org, Mark Nottingham <mnot@mnot.net>, Tommy Pauly <tpauly@apple.com>
Cc: patrick@psbarrett.com, ietf-http-wg@w3.org
Message-Id: <09a69d4f-4d72-4af6-b1a3-be59d3eb3cbb@betaapp.fastmail.com>
In-Reply-To: <20251030202053.D668CC000BCA@rfcpa.rfc-editor.org>
References: <20251030202053.D668CC000BCA@rfcpa.rfc-editor.org>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-W3C-Hub-DKIM-Status: validation passed: (address=mt@lowentropy.net domain=lowentropy.net), signature is good
X-W3C-Hub-DKIM-Status: validation passed: (address=mt@lowentropy.net domain=messagingengine.com), signature is good
X-W3C-Hub-Spam-Status: No, score=-9.8
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, DMARC_PASS=-0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_IRR=-3, W3C_WL=-1
X-W3C-Scan-Sig: puck.w3.org 1vMDPD-000cUc-0V 44fcd8742885113253c967b0aada9136
X-Original-To: ietf-http-wg@w3.org
Subject: Re: [Technical Errata Reported] RFC8188 (8620)
Archived-At: <https://www.w3.org/mid/09a69d4f-4d72-4af6-b1a3-be59d3eb3cbb@betaapp.fastmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/53561
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/email/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
I've taken a look at this, which meant re-learning how this works. The examples are produced and checked by this script: https://github.com/web-push-libs/encrypted-content-encoding/blob/d2d3a156d4d8b5e51b2cb5cda07d88157b4c34e3/nodejs/test.js#L320 You can run that with: ECE_KEYLOG=1 node test.js aes128gcm verbose checkExamples You can see that the ciphertext is produced from the 15 bytes of plaintext and a single byte of padding, which is the byte 0x02 (printed in the output as "Ag"). The alternative that is presented here has *two* 0x02 bytes at the end: 00000000: 4920 616d 2074 6865 2077 616c 7275 7302 I am the walrus. 00000010: 02 . I suggest that we REJECT this erratum. On Fri, Oct 31, 2025, at 07:20, RFC Errata System wrote: > The following errata report has been submitted for RFC8188, > "Encrypted Content-Encoding for HTTP". > > -------------------------------------- > You may review the report below and at: > https://www.rfc-editor.org/errata/eid8620 > > -------------------------------------- > Type: Technical > Reported by: Patrick Barrett <patrick@psbarrett.com> > > Section: 3.1 > > Original Text > ------------- > The encrypted data in this example is the UTF-8-encoded string "I am > the walrus". The input-keying material is the value "yqdlZ- > tYemfogSmv7Ws5PQ" (in base64url). The 54-octet content body contains > a single record and is shown here using 71 base64url characters for > presentation reasons. > > HTTP/1.1 200 OK > Content-Type: application/octet-stream > Content-Length: 54 > Content-Encoding: aes128gcm > > I1BsxtFttlv3u_Oo94xnmwAAEAAA-NAVub2qFgBEuQKRapoZu-IxkIva3MEB1PD- > ly8Thjg > > Corrected Text > -------------- > The encrypted data in this example is the UTF-8-encoded string "I am > the walrus". The input-keying material is the value "yqdlZ- > tYemfogSmv7Ws5PQ" (in base64url). The 54-octet content body contains > a single record and is shown here using 72 base64url characters for > presentation reasons. > > HTTP/1.1 200 OK > Content-Type: application/octet-stream > Content-Length: 54 > Content-Encoding: aes128gcm > > I1BsxtFttlv3u_Oo94xnmwAAEAAA-NAVub2qFgBEuQKRapoZu_ul1ATXXzhZ8IY > 2l5S6w8cG > > Notes > ----- > The example is missing the padding delimiter octet. > > The paragraph directly above this explicitly says it should have it. > >> [...] This uses a >> record size of 4096 octets and no padding (just the single-octet >> padding delimiter), so only a partial record is present. > > Also, without that the delimiter, the body is only 53 octets, not the > 54 the description says it should be. > > Instructions: > ------------- > This erratum is currently posted as "Reported". (If it is spam, it > will be removed shortly by the RFC Production Center.) Please > use "Reply All" to discuss whether it should be verified or > rejected. When a decision is reached, the verifying party > will log in to change the status and edit the report, if necessary. > > -------------------------------------- > RFC8188 (draft-ietf-httpbis-encryption-encoding-09) > -------------------------------------- > Title : Encrypted Content-Encoding for HTTP > Publication Date : June 2017 > Author(s) : M. Thomson > Category : PROPOSED STANDARD > Source : HTTP > Stream : IETF > Verifying Party : IESG
- [Technical Errata Reported] RFC8188 (8620) RFC Errata System
- Re: [Technical Errata Reported] RFC8188 (8620) Martin Thomson
- Re: [Technical Errata Reported] RFC8188 (8620) Patrick Barrett