[pkix] [Technical Errata Reported] RFC6844 (4515)

RFC Errata System <rfc-editor@rfc-editor.org> Fri, 30 October 2015 00:06 UTC

Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 3F1671ACEF1 for <pkix@ietfa.amsl.com>; Thu, 29 Oct 2015 17:06:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.912
X-Spam-Status: No, score=-101.912 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id PMbPQnGRehRX for <pkix@ietfa.amsl.com>; Thu, 29 Oct 2015 17:05:58 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org [IPv6:2001:1900:3001:11::31]) by ietfa.amsl.com (Postfix) with ESMTP id D296E1ACEF0 for <pkix@ietf.org>; Thu, 29 Oct 2015 17:05:58 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id 4ABC2180005; Thu, 29 Oct 2015 17:05:16 -0700 (PDT)
To: philliph@comodo.com, rob.stradling@comodo.com, stephen.farrell@cs.tcd.ie, Kathleen.Moriarty.ietf@gmail.com, kent@bbn.com, stefan@aaa-sec.com
X-PHP-Originating-Script: 30:errata_mail_lib.php
From: RFC Errata System <rfc-editor@rfc-editor.org>
Message-Id: <20151030000516.4ABC2180005@rfc-editor.org>
Date: Thu, 29 Oct 2015 17:05:16 -0700 (PDT)
Archived-At: <http://mailarchive.ietf.org/arch/msg/pkix/B3A1tChoBG0x6H4jwKPpEAY9xBo>
Cc: tom@tomclegg.ca, rfc-editor@rfc-editor.org, pkix@ietf.org
Subject: [pkix] [Technical Errata Reported] RFC6844 (4515)
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pkix/>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Oct 2015 00:06:00 -0000

The following errata report has been submitted for RFC6844,
"DNS Certification Authority Authorization (CAA) Resource Record".

You may review the report below and at:

Type: Technical
Reported by: Tom Clegg <tom@tomclegg.ca>

Section: 4

Original Text
   o  If A(X) is not null, and R(A(X)) is not empty, then R(X) =
      R(A(X)), otherwise

Corrected Text
   o  If A(X) is not null, and CAA(A(X)) is not empty, then R(X) =
      CAA(A(X)), otherwise

R is the algorithm being described here, so R(A(X)) means a recursive search on the CNAME target, including its parents. However, the example that follows, Parent(Alias(x.y.z)) is not part of the search. Either the algorithm is incorrectly specified, or the example is incomplete.

This erratum is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party (IESG)
can log in to change the status and edit the report, if necessary. 

RFC6844 (draft-ietf-pkix-caa-15)
Title               : DNS Certification Authority Authorization (CAA) Resource Record
Publication Date    : January 2013
Author(s)           : P. Hallam-Baker, R. Stradling
Category            : PROPOSED STANDARD
Source              : Public-Key Infrastructure (X.509)
Area                : Security
Stream              : IETF
Verifying Party     : IESG