[pkix] [Technical Errata Reported] RFC3281 (8159)

RFC Errata System <rfc-editor@rfc-editor.org> Mon, 28 October 2024 22:17 UTC

Return-Path: <wwwrun@rfcpa.rfc-editor.org>
X-Original-To: pkix@ietf.org
Delivered-To: pkix@ietfa.amsl.com
Received: from rfcpa.rfc-editor.org (unknown [167.172.21.234]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8796BC1840EF; Mon, 28 Oct 2024 15:17:32 -0700 (PDT)
Received: by rfcpa.rfc-editor.org (Postfix, from userid 461) id ECA987F9E0; Mon, 28 Oct 2024 15:17:31 -0700 (PDT)
To: stephen.farrell@baltimore.ie, rhousley@rsasecurity.com, debcooley1@gmail.com, paul.wouters@aiven.io, kent@bbn.com, stefan@aaa-sec.com
From: RFC Errata System <rfc-editor@rfc-editor.org>
Content-Type: text/plain; charset="UTF-8"
Message-Id: <20241028221731.ECA987F9E0@rfcpa.rfc-editor.org>
Date: Mon, 28 Oct 2024 15:17:31 -0700
Message-ID-Hash: DL4VEZ7DTFWEQSZOP6EMGODBEB6DF3PP
X-Message-ID-Hash: DL4VEZ7DTFWEQSZOP6EMGODBEB6DF3PP
X-MailFrom: wwwrun@rfcpa.rfc-editor.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-pkix.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: jdickerson1111@icloud.com, pkix@ietf.org, rfc-editor@rfc-editor.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [pkix] [Technical Errata Reported] RFC3281 (8159)
List-Id: PKIX Working Group <pkix.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/pkix/Ot4fcJu9QvVIlCTMA2YqXqiCUu0>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pkix>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Owner: <mailto:pkix-owner@ietf.org>
List-Post: <mailto:pkix@ietf.org>
List-Subscribe: <mailto:pkix-join@ietf.org>
List-Unsubscribe: <mailto:pkix-leave@ietf.org>

The following errata report has been submitted for RFC3281,
"An Internet Attribute Certificate Profile for Authorization".

--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid8159

--------------------------------------
Type: Technical
Reported by: Jason Dickerson <jdickerson1111@icloud.com>

Section: 1

Original Text
-------------
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in BCP 14, RFC 2119.


Corrected Text
--------------
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document "SHALL NOT" interpreted as described in BCP 14, RFC 2119.


Notes
-----
This is illegally allowing this to bypass the system and collect customer information and personal data.

Instructions:
-------------
This erratum is currently posted as "Reported". (If it is spam, it 
will be removed shortly by the RFC Production Center.) Please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party  
will log in to change the status and edit the report, if necessary.

--------------------------------------
RFC3281 (draft-ietf-pkix-ac509prof-09)
--------------------------------------
Title               : An Internet Attribute Certificate Profile for Authorization
Publication Date    : April 2002
Author(s)           : S. Farrell, R. Housley
Category            : PROPOSED STANDARD
Source              : Public-Key Infrastructure (X.509)
Stream              : IETF
Verifying Party     : IESG