[IPsec] [Errata Rejected] RFC7427 (4295)
RFC Errata System <rfc-editor@rfc-editor.org> Tue, 24 March 2015 16:38 UTC
Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0D2411A8A42; Tue, 24 Mar 2015 09:38:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.912
X-Spam-Level:
X-Spam-Status: No, score=-106.912 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O9M1lGBU7ifM; Tue, 24 Mar 2015 09:38:08 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) by ietfa.amsl.com (Postfix) with ESMTP id BC8EA1A913A; Tue, 24 Mar 2015 09:37:49 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id 81957180205; Tue, 24 Mar 2015 09:36:21 -0700 (PDT)
To: a.yousar@informatik.hu-berlin.de, kivinen@iki.fi, jms@opus1.com
X-PHP-Originating-Script: 1005:errata_mail_lib.php
From: RFC Errata System <rfc-editor@rfc-editor.org>
Message-Id: <20150324163621.81957180205@rfc-editor.org>
Date: Tue, 24 Mar 2015 09:36:21 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipsec/wbrNzczWn-0j7SJhnQ0fBk7GEhs>
Cc: ipsec@ietf.org, Kathleen.Moriarty@emc.com, iesg@ietf.org, rfc-editor@rfc-editor.org
Subject: [IPsec] [Errata Rejected] RFC7427 (4295)
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Mar 2015 16:38:11 -0000
The following errata report has been rejected for RFC7427, "Signature Authentication in the Internet Key Exchange Version 2 (IKEv2)". -------------------------------------- You may review the report below and at: http://www.rfc-editor.org/errata_search.php?rfc=7427&eid=4295 -------------------------------------- Status: Rejected Type: Editorial Reported by: Annie Yousar <a.yousar@informatik.hu-berlin.de> Date Reported: 2015-03-10 Rejected by: Kathleen Moriarty (IESG) Section: A.4.2 Original Text ------------- Here the parameters are present and contain the default parameters, i.e., hashAlgorithm of SHA-1, maskGenAlgorithm of mgf1SHA1, saltLength of 20, and trailerField of 1. 0000 : SEQUENCE 0002 : OBJECT IDENTIFIER RSASSA-PSS (1.2.840.113549.1.1.10) 000d : SEQUENCE 000f : CONTEXT 0 0011 : SEQUENCE 0013 : OBJECT IDENTIFIER id-sha1 (1.3.14.3.2.26) 001a : NULL 001c : CONTEXT 1 001e : SEQUENCE 0020 : OBJECT IDENTIFIER 1.2.840.113549.1.1.8 002b : SEQUENCE 002d : OBJECT IDENTIFIER id-sha1 (1.3.14.3.2.26) 0034 : NULL 0036 : CONTEXT 2 0038 : INTEGER 0x14 (5 bits) 003b : CONTEXT 3 003d : INTEGER 0x1 (1 bits) Name = RSASSA-PSS with default parameters, oid = 1.2.840.113549.1.1.10 Length = 64 0000: 303e 0609 2a86 4886 f70d 0101 0a30 31a0 0010: 0b30 0906 052b 0e03 021a 0500 a118 3016 0020: 0609 2a86 4886 f70d 0101 0830 0906 052b 0030: 0e03 021a 0500 a203 0201 14a3 0302 0101 Corrected Text -------------- If the default parameters are used, i.e., hashAlgorithm of SHA-1, maskGenAlgorithm of mgf1SHA1, saltLength of 20, and trailerField of 1, the parameters MUST NOT be encoded according to the Distiguished Encoding Rules (DER) of ASN.1. Therefore the encoding is the same as of A.4.1. 0000 : SEQUENCE 0002 : OBJECT IDENTIFIER RSASSA-PSS (1.2.840.113549.1.1.10) 000d : SEQUENCE Name = RSASSA-PSS with default parameters, oid = 1.2.840.113549.1.1.10 Length = 15 0000: 300d 0609 2a86 4886 f70d 0101 0a30 00 Notes ----- Section 3 requires the use of DER: The ASN.1 used here is the same ASN.1 used in the AlgorithmIdentifier of PKIX (see Section 4.1.1.2 of [RFC5280]), encoded using distinguished encoding rules (DER) [CCITT.X690.2002]. KM: Reviewed by expert and response provided. --VERIFIER NOTES-- Reviewed by expert and answer provided as to why this is not correct. -------------------------------------- RFC7427 (draft-kivinen-ipsecme-signature-auth-07) -------------------------------------- Title : Signature Authentication in the Internet Key Exchange Version 2 (IKEv2) Publication Date : January 2015 Author(s) : T. Kivinen, J. Snyder Category : PROPOSED STANDARD Source : IP Security Maintenance and Extensions Area : Security Stream : IETF Verifying Party : IESG
- [IPsec] [Editorial Errata Reported] RFC7427 (4295) Tero Kivinen
- Re: [IPsec] [Editorial Errata Reported] RFC7427 (… Kathleen Moriarty
- Re: [IPsec] [Editorial Errata Reported] RFC7427 (… Tero Kivinen
- [IPsec] [Errata Rejected] RFC7427 (4295) RFC Errata System
- [IPsec] [Errata Rejected] RFC7427 (4295) RFC Errata System
- [IPsec] [Editorial Errata Reported] RFC7427 (4295) RFC Errata System