IETF Logo Mail Archive

Re: [pkix] [Errata Rejected] RFC5272 (4186)

"Leonberger, Pierce (US SSA)" <pierce.leonberger@baesystems.com> Wed, 01 April 2015 13:40 UTC

Return-Path: <pierce.leonberger@baesystems.com>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4CAED1A9109; Wed, 1 Apr 2015 06:40:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.91
X-Spam-Level:
X-Spam-Status: No, score=-6.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fmv9mEWrBP3j; Wed, 1 Apr 2015 06:39:58 -0700 (PDT)
Received: from dmzms99801.na.baesystems.com (dmzsmtprelay.us.baesystems.com [149.32.232.65]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 330111A9105; Wed, 1 Apr 2015 06:39:58 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="5.11,503,1422921600"; d="scan'208";a="178061227"
X-IronPort-AV: E=Sophos;i="5.11,503,1422921600"; d="scan'208";a="409998211"
From: "Leonberger, Pierce (US SSA)" <pierce.leonberger@baesystems.com>
To: RFC Errata System <rfc-editor@rfc-editor.org>, "jimsch@nwlink.com" <jimsch@nwlink.com>, "mmyers@fastq.com" <mmyers@fastq.com>
Thread-Topic: [Errata Rejected] RFC5272 (4186)
Thread-Index: AQHQa/Xb765y0VRxCEuMFaivf77ixZ04Hb8P
Date: Wed, 01 Apr 2015 13:39:55 +0000
In-Reply-To: <20150331210107.E099218046D@rfc-editor.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.60.93.33]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Message-Id: <20150401133958.330111A9105@ietfa.amsl.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/pkix/51zMPEfar87EDmKH_TC8EpGOfjg>
Cc: "pkix@ietf.org" <pkix@ietf.org>, "Kathleen.Moriarty@emc.com" <Kathleen.Moriarty@emc.com>, "iesg@ietf.org" <iesg@ietf.org>
Subject: Re: [pkix] [Errata Rejected] RFC5272 (4186)
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pkix/>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Apr 2015 13:40:00 -0000

The CMS Data Content Type does not have an ASN.1 Type associated with it. 

There are no "standard" RFCs in which Data Content Type is defined as an OCTET STRING.  In RFCs 5911 and 6268 "new" ASN.1 syntax is used to define EncapsulatedContentInfo where eContent contains an Open Type.   In RFC 5911 the "ct-Data" CONTENT-TYPE was initially defined as having a OCTET STRING type.   That was corrected in the errata and subsequent 6268.

-Pierce
________________________________________
From: RFC Errata System [rfc-editor@rfc-editor.org]
Sent: Tuesday, March 31, 2015 5:01 PM
To: Leonberger, Pierce (US SSA); jimsch@nwlink.com; mmyers@fastq.com
Cc: Kathleen.Moriarty@emc.com; iesg@ietf.org; pkix@ietf.org; rfc-editor@rfc-editor.org
Subject: [Errata Rejected] RFC5272 (4186)

The following errata report has been rejected for RFC5272,
"Certificate Management over CMS (CMC)".

--------------------------------------
You may review the report below and at:
http://www.rfc-editor.org/errata_search.php?rfc=5272&eid=4186

--------------------------------------
Status: Rejected
Type: Technical

Reported by: Pierce Leonberger <pierce.leonberger@baesystems.com>
Date Reported: 2014-11-18
Rejected by: Kathleen Moriarty (IESG)

Section: 3.2.1.3.2

Original Text
-------------
The Data content type allows for general transport of unstructured
   data.

   The Data content type is used by this document for:

      Holding the encrypted random value y for POP proof in the
      encrypted POP control (see Section 6.7).

Corrected Text
--------------
See Notes

Notes
-----
It's invalid for the encoding of an ANY or OpenType to have "unstructured" data.  See X.690 section 8.15:

8.15 Encoding of an open type
The value of an open type is also a value of some (other) ASN.1 type. The encoding of such a value shall be the complete encoding herein specified for the value considered as being of that other type.

Note there's similar wording in X.209 section 21 for ANY:

21 Encoding of a value of the ANY type
The encoding of an ANY type shall be the complete encoding specified in this Recommendation for the type of the value of the ANY type.
 --VERIFIER NOTES--
The Data content type being referenced here is the Data content type from CMS.  This type is defined as using an OCTET STRING wrapper around the data.  Therefore unstructured data is not being placed at the ASN.1 level and the referenced text does not apply.

--------------------------------------
RFC5272 (draft-ietf-pkix-2797-bis-07)
--------------------------------------
Title               : Certificate Management over CMS (CMC)
Publication Date    : June 2008
Author(s)           : J. Schaad, M. Myers
Category            : PROPOSED STANDARD
Source              : Public-Key Infrastructure (X.509)
Area                : Security
Stream              : IETF
Verifying Party     : IESG

v2.29.0 | Report a Bug | By Email | System Status