Re: [ltans] [Technical Errata Reported] RFC4998 (7411)
tobias.gondrom@gondrom.org Tue, 11 April 2023 13:10 UTC
From: tobias.gondrom@gondrom.org
To: 'RFC Errata System' <rfc-editor@rfc-editor.org>, tobias.gondrom@opentext.com, ralf.brandner@intercomponentware.com, ulrich.pordesch@zv.fraunhofer.de, rdd@cert.org, paul.wouters@aiven.io, carl@redhoundsoftware.com
Cc: florian.fischer@fujitsu.com, ltans@ietf.org
References: <20230331202638.5364C4C288@rfcpa.amsl.com>
In-Reply-To: <20230331202638.5364C4C288@rfcpa.amsl.com>
Date: Tue, 11 Apr 2023 21:10:42 +0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/ltans/Y3RjMe3fug7865Yz8YJdpjJH3CU>

Reject.

As this is only a set of two items and the order of the items is deterministic, no binary ascending order is required.
In fact changing the RFC from current order to binary ascending order would violate compatibility with existing ERS data sets.

Best regards, Tobias

-----Original Message-----
From: ltans <ltans-bounces@ietf.org> On Behalf Of RFC Errata System
Sent: Saturday, April 1, 2023 4:27 AM
To: tobias.gondrom@opentext.com; ralf.brandner@intercomponentware.com; ulrich.pordesch@zv.fraunhofer.de; rdd@cert.org; paul.wouters@aiven.io; carl@redhoundsoftware.com; tobias.gondrom@gondrom.org
Cc: florian.fischer@fujitsu.com; ltans@ietf.org; rfc-editor@rfc-editor.org
Subject: [ltans] [Technical Errata Reported] RFC4998 (7411)

The following errata report has been submitted for RFC4998, "Evidence Record Syntax (ERS)".

--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid7411

--------------------------------------
Type: Technical
Reported by: Florian Fischer <florian.fischer@fujitsu.com>

Section: 5.2.

Original Text
-------------
4. Concatenate each h(i) with ha(i) and generate hash values
   h(i)' = H (h(i)+ ha(i)). For multi-document groups, this is:
   h(i_a)' = H (h(i_a)+ ha(i))
   h(i_b)' = H (h(i_b)+ ha(i)), etc.

Corrected Text
--------------
4. Concatenate each h(i) with ha(i) in binary ascending order and generate hash values
   h(i)' = H (h(i)+ ha(i)). For multi-document groups, this is:
   h(i_a)' = H (h(i_a)+ ha(i))
   h(i_b)' = H (h(i_b)+ ha(i)), etc.

Notes
-----
In RFC 4998 HashTree-Renewal is specified in an ambiguous manner.
Skipping sorting before concatenating is a deviation from all other steps in RFC 4998 where hashes are concatenated.
This conclusion is supported by RFC 4998 "Figure 4" that illustrates the steps above and the explanation that follows. The relevant part is this:

   h2a' = H( binary sorted and concatenated (h2a, ha(2)))
   ...
   h2c' = H( binary sorted and concatenated (h2c, ha(2)))

So the illustration and its explanation clearly states the sorting before concatenation.

Instructions:
-------------
This erratum is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party can log in to change the status and edit the report, if necessary.

--------------------------------------
RFC4998 (draft-ietf-ltans-ers-15)
--------------------------------------
Title : Evidence Record Syntax (ERS)
Publication Date : August 2007
Author(s) : T. Gondrom, R. Brandner, U. Pordesch
Category : PROPOSED STANDARD
Source : Long-Term Archive and Notary Services
Area : Security
Stream : IETF
Verifying Party : IESG

_______________________________________________
ltans mailing list
ltans@ietf.org
https://www.ietf.org/mailman/listinfo/ltans
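
The two readings of step 4 discussed in this thread, as an added example that is not part of the original messages or of RFC 4998: it computes h(i)' both in the fixed order h(i) + ha(i) and in binary ascending order, and lists the documents for which a verifier switching readings would no longer reproduce the stored hash. SHA-256 as H, the function names and the sample inputs are assumptions constructed for illustration.

```python
import hashlib

def H(data: bytes) -> bytes:
    """Hash function chosen for the renewal (SHA-256 is an assumption here)."""
    return hashlib.sha256(data).digest()

def renew_as_written(h_i: bytes, ha_i: bytes) -> bytes:
    """Step 4 as the RFC text reads: h(i)' = H(h(i) + ha(i)), fixed order."""
    return H(h_i + ha_i)

def renew_sorted(h_i: bytes, ha_i: bytes) -> bytes:
    """Step 4 as the erratum proposes: binary ascending order, then hash."""
    return H(b"".join(sorted((h_i, ha_i))))

def renew_group(doc_hashes, ha_i, step=renew_as_written):
    """Multi-document group: every h(i_x) is paired with the same ha(i)."""
    return [step(h, ha_i) for h in doc_hashes]

def incompatible(doc_hashes, ha_i):
    """Indices whose h(i)' changes if a verifier switches to sorted order."""
    old = renew_group(doc_hashes, ha_i, renew_as_written)
    new = renew_group(doc_hashes, ha_i, renew_sorted)
    return [i for i, (a, b) in enumerate(zip(old, new)) if a != b]

# Constructed sample values, not taken from any real evidence record.
HA = H(b"constructed archive timestamp sequence")
DOCS = [H(b"constructed document %d" % i) for i in range(8)]

if __name__ == "__main__":
    for i in incompatible(DOCS, HA):
        print("h(%d)' differs between the two readings" % i)
```

The two readings agree whenever h(i) sorts before ha(i) and differ whenever it sorts after, so an implementation that changes reading fails verification on only part of the existing records.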