[pkix] [Editorial Errata Reported] RFC5280 (4274)

RFC Errata System <rfc-editor@rfc-editor.org> Thu, 19 February 2015 10:43 UTC

The following errata report has been submitted for RFC5280,
"Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile".

--------------------------------------
You may review the report below and at:
http://www.rfc-editor.org/errata_search.php?rfc=5280&eid=4274

--------------------------------------
Type: Editorial
Reported by: Ilya V. Matveychikov <i.matveychikov@securitycode.ru>

Section: A.1

Original Text
-------------
-- Naming attributes of type X520CommonName:
--   X520CommonName ::= DirectoryName (SIZE (1..ub-common-name))

...

-- Naming attributes of type X520LocalityName:
--   X520LocalityName ::= DirectoryName (SIZE (1..ub-locality-name))

...

-- Naming attributes of type X520StateOrProvinceName:
--   X520StateOrProvinceName ::= DirectoryName (SIZE (1..ub-state-name))

...

-- Naming attributes of type X520OrganizationName:
--   X520OrganizationName ::=
--          DirectoryName (SIZE (1..ub-organization-name))

...

-- Naming attributes of type X520OrganizationalUnitName:
--   X520OrganizationalUnitName ::=
--          DirectoryName (SIZE (1..ub-organizational-unit-name))

...

-- Naming attributes of type X520Title:
--   X520Title ::= DirectoryName (SIZE (1..ub-title))

...

-- Naming attributes of type X520Pseudonym:
--   X520Pseudonym ::= DirectoryName (SIZE (1..ub-pseudonym))


Corrected Text
--------------
-- Naming attributes of type X520CommonName:
--   X520CommonName ::= DirectoryString (SIZE (1..ub-common-name))

...

-- Naming attributes of type X520LocalityName:
--   X520LocalityName ::= DirectoryString (SIZE (1..ub-locality-name))

...

-- Naming attributes of type X520StateOrProvinceName:
--   X520StateOrProvinceName ::=
--          DirectoryString (SIZE (1..ub-state-name))

...

-- Naming attributes of type X520OrganizationName:
--   X520OrganizationName ::=
--          DirectoryString (SIZE (1..ub-organization-name))

...

-- Naming attributes of type X520OrganizationalUnitName:
--   X520OrganizationalUnitName ::=
--          DirectoryString (SIZE (1..ub-organizational-unit-name))

...

-- Naming attributes of type X520Title:
--   X520Title ::= DirectoryString (SIZE (1..ub-title))

...

-- Naming attributes of type X520Pseudonym:
--   X520Pseudonym ::= DirectoryString (SIZE (1..ub-pseudonym))


Notes
-----
Appendix B.  ASN.1 Notes says that:

   For many of the attribute types defined in [X.520], the
   AttributeValue uses the DirectoryString type.  Of the attributes
   specified in Appendix A, the name, surname, givenName, initials,
   generationQualifier, commonName, localityName, stateOrProvinceName,
   organizationName, organizationalUnitName, title, and pseudonym
   attributes all use the DirectoryString type.  X.520 uses a
   parameterized type definition [X.683] of DirectoryString to specify
   the syntax for each of these attributes.  The parameter is used to
   indicate the maximum string length allowed for the attribute.  In
   Appendix A, in order to avoid the use of parameterized type
   definitions, the DirectoryString type is written in its expanded form
   for the definition of each of these attribute types.  So, the ASN.1
   in Appendix A describes the syntax for each of these attributes as
   being a CHOICE of TeletexString, PrintableString, UniversalString,
   UTF8String, and BMPString, with the appropriate constraints on the
   string length applied to each of the types in the CHOICE, rather than
   using the ASN.1 type DirectoryString to describe the syntax.

There is nothing about the DirectoryName type here. So the comments in the ASN.1 in
A.1 are wrong and DirectoryName should be fixed to DirectoryString.

Instructions:
-------------
This erratum is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party (IESG)
can log in to change the status and edit the report, if necessary. 

--------------------------------------
RFC5280 (draft-ietf-pkix-rfc3280bis-11)
--------------------------------------
Title               : Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
Publication Date    : May 2008
Author(s)           : D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, W. Polk
Category            : PROPOSED STANDARD
Source              : Public-Key Infrastructure (X.509)
Area                : Security
Stream              : IETF
Verifying Party     : IESG
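
The expanded DirectoryString form that the quoted Appendix B text describes, as an added example (not part of the erratum or of RFC 5280's own text): a check that a DER-encoded attribute value is one of the five CHOICE alternatives and that its SIZE, counted in characters rather than bytes, is within the attribute's upper bound. The function names are hypothetical, the upper-bound values are the ones RFC 5280 Appendix A.1 defines (they are not shown in this message), and decoding TeletexString as Latin-1 is a simplifying assumption.

```python
# Added example: validate an attribute value against DirectoryString (SIZE (1..ub)).
import string

# Universal tag -> (ASN.1 type, codec used to count characters)
DIRECTORY_STRING = {
    0x14: ("TeletexString", "latin-1"),   # assumption: one byte per character
    0x13: ("PrintableString", "ascii"),
    0x1C: ("UniversalString", "utf-32-be"),
    0x0C: ("UTF8String", "utf-8"),
    0x1E: ("BMPString", "utf-16-be"),     # assumption: no surrogate pairs present
}
PRINTABLE = set(string.ascii_letters + string.digits + " '()+,-./:=?")
# Upper bounds as defined in RFC 5280 Appendix A.1
UPPER_BOUNDS = {"commonName": 64, "localityName": 128, "stateOrProvinceName": 128,
                "organizationName": 64, "organizationalUnitName": 64,
                "title": 64, "pseudonym": 128}

def read_tlv(der):
    """Return (tag, content) for one definite-length TLV that spans all of der."""
    if len(der) < 2:
        raise ValueError("truncated TLV")
    tag, first = der[0], der[1]
    if first < 0x80:                      # short-form length
        length, offset = first, 2
    else:                                 # long-form length, n length octets follow
        n = first & 0x7F
        if n == 0 or n > 4 or len(der) < 2 + n:
            raise ValueError("unsupported or truncated length")
        length, offset = int.from_bytes(der[2:2 + n], "big"), 2 + n
    if len(der) != offset + length:
        raise ValueError("length field does not match data")
    return tag, der[offset:]

def check_directory_string(attr, der):
    """Return (type name, text) if der is a valid value for attr, else raise ValueError."""
    tag, content = read_tlv(der)
    if tag not in DIRECTORY_STRING:
        raise ValueError(f"tag 0x{tag:02X} is not a DirectoryString alternative")
    name, codec = DIRECTORY_STRING[tag]
    try:
        text = content.decode(codec)
    except UnicodeDecodeError as exc:
        raise ValueError(f"malformed {name}") from exc
    if tag == 0x13 and not set(text) <= PRINTABLE:
        raise ValueError("character outside the PrintableString set")
    if not 1 <= len(text) <= UPPER_BOUNDS[attr]:   # SIZE counts characters, not bytes
        raise ValueError(f"{attr}: {len(text)} characters violates SIZE constraint")
    return name, text
```
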