[ltans] [Technical Errata Reported] RFC4998 (7411)

RFC Errata System <rfc-editor@rfc-editor.org> Fri, 31 March 2023 20:26 UTC

To: tobias.gondrom@opentext.com, ralf.brandner@intercomponentware.com, ulrich.pordesch@zv.fraunhofer.de, rdd@cert.org, paul.wouters@aiven.io, carl@redhoundsoftware.com, tobias.gondrom@gondrom.org
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: florian.fischer@fujitsu.com, ltans@ietf.org, rfc-editor@rfc-editor.org
Content-Type: text/plain; charset="UTF-8"
Message-Id: <20230331202638.5364C4C288@rfcpa.amsl.com>
Date: Fri, 31 Mar 2023 13:26:38 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ltans/GrYjainudZColLoBSaGkhwJRfSk>
Subject: [ltans] [Technical Errata Reported] RFC4998 (7411)

The following errata report has been submitted for RFC4998,
"Evidence Record Syntax (ERS)".

--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid7411

--------------------------------------
Type: Technical
Reported by: Florian Fischer <florian.fischer@fujitsu.com>

Section: 5.2.

Original Text
-------------
   4.  Concatenate each h(i) with ha(i) and generate hash values
       h(i)' = H (h(i)+ ha(i)).  For multi-document groups, this is:
       h(i_a)' = H (h(i_a)+ ha(i))
       h(i_b)' = H (h(i_b)+ ha(i)), etc.

Corrected Text
--------------
   4.  Concatenate each h(i) with ha(i) in binary ascending order and generate hash values
       h(i)' = H (h(i)+ ha(i)).  For multi-document groups, this is:
       h(i_a)' = H (h(i_a)+ ha(i))
       h(i_b)' = H (h(i_b)+ ha(i)), etc.

Notes
-----
In RFC 4998 HashTree-Renewal is specified in an ambiguous manner.

Skipping sorting before concatenating is a deviation from all other steps in RFC 4998 where hashes are concatenated.

This conclusion is supported by RFC 4998 "Figure 4" that illustrates the steps above and the explanation that follows. The relevant part is this:

h2a' = H( binary sorted and concatenated (h2a, ha(2)))

      ...

h2c' = H( binary sorted and concatenated (h2c, ha(2)))

So the illustration and its explanation clearly state the sorting before concatenation.

Instructions:
-------------
This erratum is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party  
can log in to change the status and edit the report, if necessary. 

--------------------------------------
RFC4998 (draft-ietf-ltans-ers-15)
--------------------------------------
Title               : Evidence Record Syntax (ERS)
Publication Date    : August 2007
Author(s)           : T. Gondrom, R. Brandner, U. Pordesch
Category            : PROPOSED STANDARD
Source              : Long-Term Archive and Notary Services
Area                : Security
Stream              : IETF
Verifying Party     : IESG
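The renewal step the erratum discusses, worked through in code. This is an added illustration, not code from RFC 4998, the LTANS working group, or the errata report. It applies the Section 4.2 rule (sort the hash values in binary ascending order, concatenate, hash) both to the tree nodes and, as the erratum reads step 4 of Section 5.2, to the pair (h(i), ha(i)), and shows why the literal unsorted reading is a real interoperability problem: a renewer and a verifier that pick different orders compute different h(i)' and the renewed timestamp fails to verify. The data objects and the ATSC byte string are constructed placeholders (a real ha(i) is computed over the DER-encoded ArchiveTimeStampChain), the binary tree shape and the hashing of a lone single-node group are simplifications of this example, and the function names are the example's own.

```python
"""
Hash-tree renewal per RFC 4998 Section 5.2, step 4, with the binary-sorted
concatenation the erratum asks for.  Illustrative example, not RFC or
project code.  Sample data objects and the ATSC placeholder are constructed.
"""
import hashlib


def H(data: bytes, algo: str) -> bytes:
    """The renewal hash algorithm H (any hashlib name, e.g. 'sha256')."""
    return hashlib.new(algo, data).digest()


def hash_group(hashes, algo):
    """Sort in binary ascending order, concatenate, hash.

    This is the rule RFC 4998 Section 4.2 applies to every node of the hash
    tree; the erratum reads Section 5.2 step 4 as using the same rule for
    (h(i), ha(i)).  Order-independent by construction.  A single-member
    group is hashed on its own here (simplification of this example).
    """
    return H(b"".join(sorted(hashes)), algo)


def naive_renewal(h_i, ha, algo):
    """Literal reading of the original step 4 text: H(h(i) + ha(i)), no sort."""
    return H(h_i + ha, algo)


def renew_leaves(data_objects, atsc_der, new_algo):
    """Steps 2-4 of Section 5.2 for a single-document-per-group archive."""
    ha = H(atsc_der, new_algo)                   # step 3: ha(i) = H(old chain)
    h = [H(d, new_algo) for d in data_objects]   # step 2: h(i) = H(d(i))
    return [hash_group([h_i, ha], new_algo) for h_i in h]  # step 4, sorted


def tree_root(leaves, algo):
    """Step 5: build a new hash tree over h(i)' and return the root to timestamp."""
    level = list(leaves)
    while len(level) > 1:
        level = [hash_group(level[i:i + 2], algo) for i in range(0, len(level), 2)]
    return level[0]


def audit_path(leaves, index, algo):
    """Sibling groups needed to recompute the root from leaves[index]
    (the reduced hash tree stored for that data object)."""
    path, level, idx = [], list(leaves), index
    while len(level) > 1:
        start = idx - idx % 2
        group = level[start:start + 2]
        path.append([x for k, x in enumerate(group) if start + k != idx])
        level = [hash_group(level[i:i + 2], algo) for i in range(0, len(level), 2)]
        idx //= 2
    return path


def verify_renewed(data_object, atsc_der, path, root, algo):
    """Verifier side: recompute h(i)' with the sorted rule and walk the path."""
    ha = H(atsc_der, algo)
    node = hash_group([H(data_object, algo), ha], algo)
    for siblings in path:
        node = hash_group([node] + siblings, algo)
    return node == root


# Constructed sample input (not real archive data or a real DER chain).
DATA = [b"invoice-2007-001.pdf", b"invoice-2007-002.pdf", b"contract.xml"]
ATSC_DER = b"\x30\x82\x00\x10constructed-ArchiveTimeStampChain-placeholder"
NEW_ALGO = "sha256"


if __name__ == "__main__":
    leaves = renew_leaves(DATA, ATSC_DER, NEW_ALGO)
    root = tree_root(leaves, NEW_ALGO)
    for i, d in enumerate(DATA):
        ok = verify_renewed(d, ATSC_DER, audit_path(leaves, i, NEW_ALGO), root, NEW_ALGO)
        print(f"object {i}: verifies={ok}")
    a, b = H(b"x", NEW_ALGO), H(b"y", NEW_ALGO)
    print("sorted rule order-independent:", hash_group([a, b], NEW_ALGO) == hash_group([b, a], NEW_ALGO))
    print("unsorted reading order-dependent:", naive_renewal(a, b, NEW_ALGO) != naive_renewal(b, a, NEW_ALGO))
```

The last two lines of the demonstration are the whole point of the erratum: with the sorted rule both parties compute the same h(i)' whichever operand they write first, while under the literal reading the result depends on an operand order the RFC text never fixes.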