Re: [jose] [Editorial Errata Reported] RFC7520 (4801)

Alice Russo <arusso@amsl.com> Tue, 10 December 2019 17:32 UTC

Return-Path: <arusso@amsl.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F1249120971 for <jose@ietfa.amsl.com>; Tue, 10 Dec 2019 09:32:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tO9yAMhxIW86 for <jose@ietfa.amsl.com>; Tue, 10 Dec 2019 09:32:31 -0800 (PST)
Received: from mail.amsl.com (c8a.amsl.com [4.31.198.40]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8745712096C for <jose@ietf.org>; Tue, 10 Dec 2019 09:32:29 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by c8a.amsl.com (Postfix) with ESMTP id 62237203A1C; Tue, 10 Dec 2019 09:31:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from c8a.amsl.com ([127.0.0.1]) by localhost (c8a.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ooOuoCKmMr3d; Tue, 10 Dec 2019 09:31:12 -0800 (PST)
Received: from [IPv6:2601:602:8501:8b10:5596:84b8:2225:433b] (unknown [IPv6:2601:602:8501:8b10:5596:84b8:2225:433b]) by c8a.amsl.com (Postfix) with ESMTPSA id DA5C6203A19; Tue, 10 Dec 2019 09:31:11 -0800 (PST)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
From: Alice Russo <arusso@amsl.com>
In-Reply-To: <043901d5af11$7d9884f0$78c98ed0$@augustcellars.com>
Date: Tue, 10 Dec 2019 09:32:28 -0800
Cc: Benjamin Kaduk <kaduk@mit.edu>, Karen O'Donoghue <odonoghue@isoc.org>, Roman Danyliw <rdd@cert.org>, "linuxwolf+ietf@outer-planes.net" <linuxwolf+ietf@outer-planes.net>, florent@morselli.fr, jose@ietf.org, RFC Editor <rfc-editor@rfc-editor.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <99CFB8AC-42F4-434A-91C5-E12350926402@amsl.com>
References: <20160913081304.E2352B80EA3@rfc-editor.org> <028201d5aadf$aaebb2a0$00c317e0$@augustcellars.com> <20191209172657.GG13890@kduck.mit.edu> <043901d5af11$7d9884f0$78c98ed0$@augustcellars.com>
To: Jim Schaad <ietf@augustcellars.com>
X-Mailer: Apple Mail (2.3273)
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/9AF50M_QKJkzinFlkqzftiADh4U>
Subject: Re: [jose] [Editorial Errata Reported] RFC7520 (4801)
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Dec 2019 17:32:33 -0000

Hi Jim, 

Re:
> BUT NOT MY FAULT.  You will
> notice that the link in the errata below has the wrong number in it.

It appears that what happened is:
There was a more-detailed report (EID 4802), which was submitted directly after EID 4801. We deleted EID 4801 (essentially a duplicate). We sent a notification at that time, and asked in the future to please notify the RFC Editor to correct an existing report, rather than file a new report. [Mail from Megan Ferguson, 13 September 2016.]

Anyway; the relevant report is:
https://www.rfc-editor.org/errata/eid4802

(We have corrected the submitter name to Florent Morselli and moved the other text to the notes.)

Thank you.
RFC Editor/ar

> On Dec 9, 2019, at 8:22 PM, Jim Schaad <ietf@augustcellars.com> wrote:
> 
> Sorry - typo on my part - should be 4802.   BUT NOT MY FAULT.  You will
> notice that the link in the errata below has the wrong number in it.
> 
> -----Original Message-----
> From: Benjamin Kaduk <kaduk@mit.edu> 
> Sent: Monday, December 9, 2019 9:27 AM
> To: Jim Schaad <ietf@augustcellars.com>
> Cc: 'RFC Errata System' <rfc-editor@rfc-editor.org>rg>; odonoghue@isoc.org;
> Roman Danyliw <rdd@cert.org>rg>; 'Matthew A. Miller'
> <linuxwolf+ietf@outer-planes.net>et>; florent@morselli.fr; jose@ietf.org
> Subject: Re: [jose] [Editorial Errata Reported] RFC7520 (4801)
> 
> Hi Jim,
> 
> I started looking at this, but I can't find an errata report with eid 4801;
> there is https://www.rfc-editor.org/verify_errata_select.php?eid=4802 which
> looks quite similar to what is quoted below (but includes additional
> commentary in both the old and new text boxes :(
> 
> Can you please check that eid 4802 is the content you want us to be
> handling?
> 
> Thanks,
> 
> Ben
> 
> On Wed, Dec 04, 2019 at 12:16:05PM -0800, Jim Schaad wrote:
>> I went through to start getting all of the JOSE errata cleaned out.  
>> After consulting with Matt, I believe that this errata should be 
>> accepted as editorial - hold for update.
>> 
>> Jim
>> 
>> 
>> -----Original Message-----
>> From: jose <jose-bounces@ietf.org> On Behalf Of RFC Errata System
>> Sent: Tuesday, September 13, 2016 1:13 AM
>> To: mamille2@cisco.com; stephen.farrell@cs.tcd.ie; 
>> Kathleen.Moriarty.ietf@gmail.com; odonoghue@isoc.org; 
>> ietf@augustcellars.com
>> Cc: florent@morselli.fr; jose@ietf.org; rfc-editor@rfc-editor.org
>> Subject: [jose] [Editorial Errata Reported] RFC7520 (4801)
>> 
>> The following errata report has been submitted for RFC7520, "Examples 
>> of Protecting Content Using JSON Object Signing and Encryption (JOSE)".
>> 
>> --------------------------------------
>> You may review the report below and at:
>> http://www.rfc-editor.org/errata_search.php?rfc=7520&eid=4801
>> 
>> --------------------------------------
>> Type: Editorial
>> Reported by: Wrong JSON Flattened Representation <florent@morselli.fr>
>> 
>> Section: 5.7.5
>> 
>> Original Text
>> -------------
>> The figure 150 is:
>> 
>>   {
>>     "protected": "eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6IktrWVQwR1hfMm
>>         pIbGZxTl8iLCJraWQiOiIxOGVjMDhlMS1iZmE5LTRkOTUtYjIwNS0yYj
>>         RkZDFkNDMyMWQiLCJ0YWciOiJrZlBkdVZRM1QzSDZ2bmV3dC0ta3N3Ii
>>         wiZW5jIjoiQTEyOENCQy1IUzI1NiJ9",
>>     "encrypted_key": "lJf3HbOApxMEBkCMOoTnnABxs_CvTWUmZQ2ElLvYNo
>>         k",
>>     "iv": "gz6NjyEFNm_vm8Gj6FwoFQ",
>>     "ciphertext": "Jf5p9-ZhJlJy_IQ_byKFmI0Ro7w7G1QiaZpI8OaiVgD8E
>>         qoDZHyFKFBupS8iaEeVIgMqWmsuJKuoVgzR3YfzoMd3GxEm3VxNhzWyW
>>         tZKX0gxKdy6HgLvqoGNbZCzLjqcpDiF8q2_62EVAbr2uSc2oaxFmFuIQ
>>         HLcqAHxy51449xkjZ7ewzZaGV3eFqhpco8o4DijXaG5_7kp3h2cajRfD
>>         gymuxUbWgLqaeNQaJtvJmSMFuEOSAzw9Hdeb6yhdTynCRmu-kqtO5Dec
>>         4lT2OMZKpnxc_F1_4yDJFcqb5CiDSmA-psB2k0JtjxAj4UPI61oONK7z
>>         zFIu4gBfjJCndsZfdvG7h8wGjV98QhrKEnR7xKZ3KCr0_qR1B-gxpNk3
>>         xWU",
>>     "tag": "NvBveHr_vonkvflfnUrmBQ"
>>   }
>> 
>> But the figure 147 indicates the tag is "DKW7jrb4WaRSNfbXVPlT5g".
>> 
>> Corrected Text
>> --------------
>> The figure 150 should be:
>> 
>>   {
>>     "protected": "eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6IktrWVQwR1hfMm
>>         pIbGZxTl8iLCJraWQiOiIxOGVjMDhlMS1iZmE5LTRkOTUtYjIwNS0yYj
>>         RkZDFkNDMyMWQiLCJ0YWciOiJrZlBkdVZRM1QzSDZ2bmV3dC0ta3N3Ii
>>         wiZW5jIjoiQTEyOENCQy1IUzI1NiJ9",
>>     "encrypted_key": "lJf3HbOApxMEBkCMOoTnnABxs_CvTWUmZQ2ElLvYNo
>>         k",
>>     "iv": "gz6NjyEFNm_vm8Gj6FwoFQ",
>>     "ciphertext": "Jf5p9-ZhJlJy_IQ_byKFmI0Ro7w7G1QiaZpI8OaiVgD8E
>>         qoDZHyFKFBupS8iaEeVIgMqWmsuJKuoVgzR3YfzoMd3GxEm3VxNhzWyW
>>         tZKX0gxKdy6HgLvqoGNbZCzLjqcpDiF8q2_62EVAbr2uSc2oaxFmFuIQ
>>         HLcqAHxy51449xkjZ7ewzZaGV3eFqhpco8o4DijXaG5_7kp3h2cajRfD
>>         gymuxUbWgLqaeNQaJtvJmSMFuEOSAzw9Hdeb6yhdTynCRmu-kqtO5Dec
>>         4lT2OMZKpnxc_F1_4yDJFcqb5CiDSmA-psB2k0JtjxAj4UPI61oONK7z
>>         zFIu4gBfjJCndsZfdvG7h8wGjV98QhrKEnR7xKZ3KCr0_qR1B-gxpNk3
>>         xWU",
>>     "tag": "DKW7jrb4WaRSNfbXVPlT5g"
>>   }
>> 
>> Notes
>> -----
>> 
>> 
>> Instructions:
>> -------------
>> This erratum is currently posted as "Reported". If necessary, please 
>> use "Reply All" to discuss whether it should be verified or rejected. 
>> When a decision is reached, the verifying party (IESG) can log in to 
>> change the status and edit the report, if necessary.
>> 
>> --------------------------------------
>> RFC7520 (draft-ietf-jose-cookbook-08)
>> --------------------------------------
>> Title               : Examples of Protecting Content Using JSON Object
>> Signing and Encryption (JOSE)
>> Publication Date    : May 2015
>> Author(s)           : M. Miller
>> Category            : INFORMATIONAL
>> Source              : Javascript Object Signing and Encryption
>> Area                : Security
>> Stream              : IETF
>> Verifying Party     : IESG
>> 
>> _______________________________________________
>> jose mailing list
>> jose@ietf.org
>> https://www.ietf.org/mailman/listinfo/jose
>> 
>> _______________________________________________
>> jose mailing list
>> jose@ietf.org
>> https://www.ietf.org/mailman/listinfo/jose
>