Re: [pkix] [Technical Errata Reported] RFC5913 (5890)

Benjamin Kaduk <kaduk@mit.edu> Sun, 03 November 2019 02:05 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C330712003F for <pkix@ietfa.amsl.com>; Sat, 2 Nov 2019 19:05:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q7Hgn0kHLMmE for <pkix@ietfa.amsl.com>; Sat, 2 Nov 2019 19:05:30 -0700 (PDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 936E9120013 for <pkix@ietf.org>; Sat, 2 Nov 2019 19:05:30 -0700 (PDT)
Received: from kduck.mit.edu ([24.16.140.251]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id xA324oUt024707 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sat, 2 Nov 2019 22:04:52 -0400
Date: Sat, 2 Nov 2019 19:04:49 -0700
From: Benjamin Kaduk <kaduk@mit.edu>
To: Jim Schaad <ietf@augustcellars.com>
Cc: "'RFC Errata System'" <rfc-editor@rfc-editor.org>, turners@ieca.com, SChokhani@cygnacom.com, rdd@cert.org, kent@bbn.com, stefan@aaa-sec.com, pkix@ietf.org
Message-ID: <20191103020449.GA55993@kduck.mit.edu>
References: <20191031231219.933BFF406D7@rfc-editor.org> <002901d590fd$6b7a4b00$426ee100$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <002901d590fd$6b7a4b00$426ee100$@augustcellars.com>
User-Agent: Mutt/1.12.1 (2019-06-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/pkix/Lz3SKbMg5aBcKSAXvaa-YnlHUL4>
Subject: Re: [pkix] [Technical Errata Reported] RFC5913 (5890)
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pkix/>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 03 Nov 2019 02:05:33 -0000

I've kept the "Technical" for similar ones in the past.
The ASN.1 is part of the protocol being specified, and if the ASN.1 as
written cannot be used, that feels like a technical flaw in the
specification.

-Ben

On Fri, Nov 01, 2019 at 02:43:34PM -0700, Jim Schaad wrote:
> Reasonable but editorial.
> 
> -----Original Message-----
> From: pkix <pkix-bounces@ietf.org>; On Behalf Of RFC Errata System
> Sent: Thursday, October 31, 2019 4:12 PM
> To: turners@ieca.com; SChokhani@cygnacom.com; rdd@cert.org; kaduk@mit.edu;
> kent@bbn.com; stefan@aaa-sec.com
> Cc: pkix@ietf.org; rfc-editor@rfc-editor.org
> Subject: [pkix] [Technical Errata Reported] RFC5913 (5890)
> 
> The following errata report has been submitted for RFC5913, "Clearance
> Attribute and Authority Clearance Constraints Certificate Extension".
> 
> --------------------------------------
> You may review the report below and at:
> https://www.rfc-editor.org/errata/eid5890
> 
> --------------------------------------
> Type: Technical
> Reported by: Russ Housley <housley@vigilsec.com>;
> 
> Section: Section 3
> 
> Original Text
> -------------
>      id-pe-authorityClearanceConstraints OBJECT IDENTIFIER ::= {
>        iso(1) identified-organization(3) dod(6) internet(1) security(5)
>        mechanisms(5) pkix(7) pe(1) 21 }
> 
> Corrected Text
> --------------
>    id-pe-clearanceConstraints OBJECT IDENTIFIER ::=
>      { iso(1) identified-organization(3) dod(6) internet(1) security(5)
>        mechanisms(5) pkix(7) pe(1) 21 }
> 
> Notes
> -----
> Section 3 and Appendix A use different names for the object identifier.
> They should match.  I propose changing Section 3 to match Appendix A.
> 
> Instructions:
> -------------
> This erratum is currently posted as "Reported". If necessary, please use
> "Reply All" to discuss whether it should be verified or rejected. When a
> decision is reached, the verifying party can log in to change the status and
> edit the report, if necessary. 
> 
> --------------------------------------
> RFC5913 (draft-ietf-pkix-authorityclearanceconstraints-03)
> --------------------------------------
> Title               : Clearance Attribute and Authority Clearance
> Constraints Certificate Extension
> Publication Date    : June 2010
> Author(s)           : S. Turner, S. Chokhani
> Category            : PROPOSED STANDARD
> Source              : Public-Key Infrastructure (X.509)
> Area                : Security
> Stream              : IETF
> Verifying Party     : IESG
> 
> _______________________________________________
> pkix mailing list
> pkix@ietf.org
> https://www.ietf.org/mailman/listinfo/pkix
>