[pkix] [Errata Rejected] RFC6844 (4515)

RFC Errata System <rfc-editor@rfc-editor.org> Tue, 22 August 2017 17:35 UTC

Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id D67EA1329DC; Tue, 22 Aug 2017 10:35:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id 8wiU8KGa-elK; Tue, 22 Aug 2017 10:35:00 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 890A6132328; Tue, 22 Aug 2017 10:35:00 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id BE5CCB80EBD; Tue, 22 Aug 2017 10:34:31 -0700 (PDT)
To: tom@tomclegg.ca, philliph@comodo.com, rob.stradling@comodo.com
X-PHP-Originating-Script: 30:errata_mail_lib.php
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: Kathleen.Moriarty.ietf@gmail.com, iesg@ietf.org, pkix@ietf.org, rfc-editor@rfc-editor.org
Content-Type: text/plain; charset=UTF-8
Message-Id: <20170822173431.BE5CCB80EBD@rfc-editor.org>
Date: Tue, 22 Aug 2017 10:34:31 -0700 (PDT)
Archived-At: <https://mailarchive.ietf.org/arch/msg/pkix/5M3B2e0hBbJ5cU69KIP2GOpbVm4>
Subject: [pkix] [Errata Rejected] RFC6844 (4515)
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pkix/>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Aug 2017 17:35:02 -0000

The following errata report has been rejected for RFC6844,
"DNS Certification Authority Authorization (CAA) Resource Record".

You may review the report below and at:

Status: Rejected
Type: Technical

Reported by: Tom Clegg <tom@tomclegg.ca>
Date Reported: 2015-10-29
Rejected by: Kathleen Moriarty (IESG)

Section: 4

Original Text
   o  If A(X) is not null, and R(A(X)) is not empty, then R(X) =
      R(A(X)), otherwise

Corrected Text
   o  If A(X) is not null, and CAA(A(X)) is not empty, then R(X) =
      CAA(A(X)), otherwise

R is the algorithm being described here, so R(A(X)) means a recursive search on the CNAME target, including its parents. However, the example that follows, Parent(Alias(x.y.z)) is not part of the search. Either the algorithm is incorrectly specified, or the example is incomplete.

While this change is correct, it has already been accepted with HFDU in errata 5065.
   Errata 5065 was accepted first and covers this error.

RFC6844 (draft-ietf-pkix-caa-15)
Title               : DNS Certification Authority Authorization (CAA) Resource Record
Publication Date    : January 2013
Author(s)           : P. Hallam-Baker, R. Stradling
Category            : PROPOSED STANDARD
Source              : Public-Key Infrastructure (X.509)
Area                : Security
Stream              : IETF
Verifying Party     : IESG