[pkix] [Editorial Errata Reported] RFC5280 (4274)
RFC Errata System <rfc-editor@rfc-editor.org> Thu, 19 February 2015 10:43 UTC
Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1B9D91A8AAE for <pkix@ietfa.amsl.com>; Thu, 19 Feb 2015 02:43:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.912
X-Spam-Level:
X-Spam-Status: No, score=-101.912 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hZ66g9PohZUE for <pkix@ietfa.amsl.com>; Thu, 19 Feb 2015 02:43:47 -0800 (PST)
Received: from rfc-editor.org (rfc-editor.org [IPv6:2001:1900:3001:11::31]) by ietfa.amsl.com (Postfix) with ESMTP id 0600B1A8AAC for <pkix@ietf.org>; Thu, 19 Feb 2015 02:43:47 -0800 (PST)
Received: by rfc-editor.org (Postfix, from userid 30) id 831BA181D1F; Thu, 19 Feb 2015 02:43:38 -0800 (PST)
To: david.cooper@nist.gov, stefans@microsoft.com, stephen.farrell@cs.tcd.ie, sharon.boeyen@entrust.com, housley@vigilsec.com, wpolk@nist.gov, stephen.farrell@cs.tcd.ie, Kathleen.Moriarty.ietf@gmail.com, kent@bbn.com, stefan@aaa-sec.com
X-PHP-Originating-Script: 6000:errata_mail_lib.php
From: RFC Errata System <rfc-editor@rfc-editor.org>
Message-Id: <20150219104338.831BA181D1F@rfc-editor.org>
Date: Thu, 19 Feb 2015 02:43:38 -0800
Archived-At: <http://mailarchive.ietf.org/arch/msg/pkix/3Rg8ChXgvcmvSlM10ECDI7c2Dik>
X-Mailman-Approved-At: Thu, 19 Feb 2015 17:59:43 -0800
Cc: pkix@ietf.org, i.matveychikov@securitycode.ru, rfc-editor@rfc-editor.org
Subject: [pkix] [Editorial Errata Reported] RFC5280 (4274)
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pkix/>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Feb 2015 10:43:49 -0000
The following errata report has been submitted for RFC5280, "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile". -------------------------------------- You may review the report below and at: http://www.rfc-editor.org/errata_search.php?rfc=5280&eid=4274 -------------------------------------- Type: Editorial Reported by: Ilya V. Matveychikov <i.matveychikov@securitycode.ru> Section: A.1 Original Text ------------- -- Naming attributes of type X520CommonName: -- X520CommonName ::= DirectoryName (SIZE (1..ub-common-name)) ... -- Naming attributes of type X520LocalityName: -- X520LocalityName ::= DirectoryName (SIZE (1..ub-locality-name)) ... -- Naming attributes of type X520StateOrProvinceName: -- X520StateOrProvinceName ::= DirectoryName (SIZE (1..ub-state-name)) ... -- Naming attributes of type X520OrganizationName: -- X520OrganizationName ::= -- DirectoryName (SIZE (1..ub-organization-name)) ... -- Naming attributes of type X520OrganizationalUnitName: -- X520OrganizationalUnitName ::= -- DirectoryName (SIZE (1..ub-organizational-unit-name)) ... -- Naming attributes of type X520Title: -- X520Title ::= DirectoryName (SIZE (1..ub-title)) ... -- Naming attributes of type X520Pseudonym: -- X520Pseudonym ::= DirectoryName (SIZE (1..ub-pseudonym)) Corrected Text -------------- -- Naming attributes of type X520CommonName: -- X520CommonName ::= DirectoryString (SIZE (1..ub-common-name)) ... -- Naming attributes of type X520LocalityName: -- X520LocalityName ::= DirectoryString (SIZE (1..ub-locality-name)) ... -- Naming attributes of type X520StateOrProvinceName: -- X520StateOrProvinceName ::= -- DirectoryString (SIZE (1..ub-state-name)) ... -- Naming attributes of type X520OrganizationName: -- X520OrganizationName ::= -- DirectoryString (SIZE (1..ub-organization-name)) ... -- Naming attributes of type X520OrganizationalUnitName: -- X520OrganizationalUnitName ::= -- DirectoryString (SIZE (1..ub-organizational-unit-name)) ... -- Naming attributes of type X520Title: -- X520Title ::= DirectoryString (SIZE (1..ub-title)) ... -- Naming attributes of type X520Pseudonym: -- X520Pseudonym ::= DirectoryString (SIZE (1..ub-pseudonym)) Notes ----- Appendix B. ASN.1 Notes says that: For many of the attribute types defined in [X.520], the AttributeValue uses the DirectoryString type. Of the attributes specified in Appendix A, the name, surname, givenName, initials, generationQualifier, commonName, localityName, stateOrProvinceName, organizationName, organizationalUnitName, title, and pseudonym attributes all use the DirectoryString type. X.520 uses a parameterized type definition [X.683] of DirectoryString to specify the syntax for each of these attributes. The parameter is used to indicate the maximum string length allowed for the attribute. In Appendix A, in order to avoid the use of parameterized type definitions, the DirectoryString type is written in its expanded form for the definition of each of these attribute types. So, the ASN.1 in Appendix A describes the syntax for each of these attributes as being a CHOICE of TeletexString, PrintableString, UniversalString, UTF8String, and BMPString, with the appropriate constraints on the string length applied to each of the types in the CHOICE, rather than using the ASN.1 type DirectoryString to describe the syntax. There is nothing about DirectoryName type here. So comments in ASN.1 in A.1 are wrong and DirectoryName should be fixed to DirectoryString. Instructions: ------------- This erratum is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party (IESG) can log in to change the status and edit the report, if necessary. -------------------------------------- RFC5280 (draft-ietf-pkix-rfc3280bis-11) -------------------------------------- Title : Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile Publication Date : May 2008 Author(s) : D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, W. Polk Category : PROPOSED STANDARD Source : Public-Key Infrastructure (X.509) Area : Security Stream : IETF Verifying Party : IESG
- [pkix] [Errata Held for Document Update] RFC5280 … RFC Errata System
- [pkix] [Editorial Errata Reported] RFC5280 (4274) RFC Errata System
- Re: [pkix] [Editorial Errata Reported] RFC5280 (4… Stefan Santesson
- Re: [pkix] [Editorial Errata Reported] RFC5280 (4… Carl Wallace
- Re: [pkix] [Editorial Errata Reported] RFC5280 (4… Carl Wallace
- Re: [pkix] [Editorial Errata Reported] RFC5280 (4… Martin Rex
- Re: [pkix] [Editorial Errata Reported] RFC5280 (4… Stefan Santesson
- Re: [pkix] [Editorial Errata Reported] RFC5280 (4… Erik Andersen
- [pkix] FW: [Editorial Errata Reported] RFC5280 (4… Sharon Boeyen
- Re: [pkix] [Editorial Errata Reported] RFC5280 (4… Stephen Kent
- Re: [pkix] [Editorial Errata Reported] RFC5280 (4… Jeremy Rowley
- Re: [pkix] [Editorial Errata Reported] RFC5280 (4… Carl Wallace
- Re: [pkix] [Editorial Errata Reported] RFC5280 (4… Jeremy Rowley