Re: [pkix] [Technical Errata Reported] RFC5913 (5890)

Jim Schaad <ietf@augustcellars.com> Sun, 03 November 2019 02:34 UTC

Return-Path: <ietf@augustcellars.com>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C2E4C12008B for <pkix@ietfa.amsl.com>; Sat, 2 Nov 2019 19:34:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CTwM7UNs9yQG for <pkix@ietfa.amsl.com>; Sat, 2 Nov 2019 19:34:04 -0700 (PDT)
Received: from mail2.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AABF3120013 for <pkix@ietf.org>; Sat, 2 Nov 2019 19:34:03 -0700 (PDT)
Received: from Jude (73.180.8.170) by mail2.augustcellars.com (192.168.0.56) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Sat, 2 Nov 2019 19:33:32 -0700
From: Jim Schaad <ietf@augustcellars.com>
To: 'Benjamin Kaduk' <kaduk@mit.edu>
CC: 'RFC Errata System' <rfc-editor@rfc-editor.org>, <turners@ieca.com>, <SChokhani@cygnacom.com>, <rdd@cert.org>, <kent@bbn.com>, <stefan@aaa-sec.com>, <pkix@ietf.org>
References: <20191031231219.933BFF406D7@rfc-editor.org> <002901d590fd$6b7a4b00$426ee100$@augustcellars.com> <20191103020449.GA55993@kduck.mit.edu>
In-Reply-To: <20191103020449.GA55993@kduck.mit.edu>
Date: Sat, 2 Nov 2019 19:33:29 -0700
Message-ID: <00b501d591ef$1688e820$439ab860$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 16.0
Content-Language: en-us
Thread-Index: AQJuC/9F+0GJlLC13NTwac5pDFsnLAHoEvj1AkAwP3WmJoPi8A==
X-Originating-IP: [73.180.8.170]
Archived-At: <https://mailarchive.ietf.org/arch/msg/pkix/BB1nvLbMAs_uNntJspdfMsQDfy0>
Subject: Re: [pkix] [Technical Errata Reported] RFC5913 (5890)
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pkix/>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 03 Nov 2019 02:34:06 -0000

This is an error in the text and not in the ASN.1 module, if it was in the
module I would agree.

-----Original Message-----
From: Benjamin Kaduk <kaduk@mit.edu> 
Sent: Saturday, November 2, 2019 7:05 PM
To: Jim Schaad <ietf@augustcellars.com>
Cc: 'RFC Errata System' <rfc-editor@rfc-editor.org>rg>; turners@ieca.com;
SChokhani@cygnacom.com; rdd@cert.org; kent@bbn.com; stefan@aaa-sec.com;
pkix@ietf.org
Subject: Re: [pkix] [Technical Errata Reported] RFC5913 (5890)

I've kept the "Technical" for similar ones in the past.
The ASN.1 is part of the protocol being specified, and if the ASN.1 as
written cannot be used, that feels like a technical flaw in the
specification.

-Ben

On Fri, Nov 01, 2019 at 02:43:34PM -0700, Jim Schaad wrote:
> Reasonable but editorial.
> 
> -----Original Message-----
> From: pkix <pkix-bounces@ietf.org> On Behalf Of RFC Errata System
> Sent: Thursday, October 31, 2019 4:12 PM
> To: turners@ieca.com; SChokhani@cygnacom.com; rdd@cert.org; 
> kaduk@mit.edu; kent@bbn.com; stefan@aaa-sec.com
> Cc: pkix@ietf.org; rfc-editor@rfc-editor.org
> Subject: [pkix] [Technical Errata Reported] RFC5913 (5890)
> 
> The following errata report has been submitted for RFC5913, "Clearance 
> Attribute and Authority Clearance Constraints Certificate Extension".
> 
> --------------------------------------
> You may review the report below and at:
> https://www.rfc-editor.org/errata/eid5890
> 
> --------------------------------------
> Type: Technical
> Reported by: Russ Housley <housley@vigilsec.com>
> 
> Section: Section 3
> 
> Original Text
> -------------
>      id-pe-authorityClearanceConstraints OBJECT IDENTIFIER ::= {
>        iso(1) identified-organization(3) dod(6) internet(1) security(5)
>        mechanisms(5) pkix(7) pe(1) 21 }
> 
> Corrected Text
> --------------
>    id-pe-clearanceConstraints OBJECT IDENTIFIER ::=
>      { iso(1) identified-organization(3) dod(6) internet(1) security(5)
>        mechanisms(5) pkix(7) pe(1) 21 }
> 
> Notes
> -----
> Section 3 and Appendix A use different names for the object identifier.
> They should match.  I propose changing Section 3 to match Appendix A.
> 
> Instructions:
> -------------
> This erratum is currently posted as "Reported". If necessary, please 
> use "Reply All" to discuss whether it should be verified or rejected. 
> When a decision is reached, the verifying party can log in to change 
> the status and edit the report, if necessary.
> 
> --------------------------------------
> RFC5913 (draft-ietf-pkix-authorityclearanceconstraints-03)
> --------------------------------------
> Title               : Clearance Attribute and Authority Clearance
> Constraints Certificate Extension
> Publication Date    : June 2010
> Author(s)           : S. Turner, S. Chokhani
> Category            : PROPOSED STANDARD
> Source              : Public-Key Infrastructure (X.509)
> Area                : Security
> Stream              : IETF
> Verifying Party     : IESG
> 
> _______________________________________________
> pkix mailing list
> pkix@ietf.org
> https://www.ietf.org/mailman/listinfo/pkix
>