[pkix] [Errata Held for Document Update] RFC4055 (5325)

RFC Errata System <rfc-editor@rfc-editor.org> Wed, 10 October 2018 15:37 UTC

Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 10980130F47; Wed, 10 Oct 2018 08:37:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6E6NQMg0b7CQ; Wed, 10 Oct 2018 08:37:09 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4DCD5130E96; Wed, 10 Oct 2018 08:37:09 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id E2491B80DD9; Wed, 10 Oct 2018 08:36:51 -0700 (PDT)
To: ryan-ietf@sleevi.com, jimsch@exmsft.com, bkaliski@rsasecurity.com, housley@vigilsec.com
X-PHP-Originating-Script: 30:errata_mail_lib.php
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: kaduk@mit.edu, iesg@ietf.org, pkix@ietf.org, rfc-editor@rfc-editor.org
Content-Type: text/plain; charset=UTF-8
Message-Id: <20181010153651.E2491B80DD9@rfc-editor.org>
Date: Wed, 10 Oct 2018 08:36:51 -0700 (PDT)
Archived-At: <https://mailarchive.ietf.org/arch/msg/pkix/_UAKp6zNi6d-ZWxq-Xk1jwwCdMg>
Subject: [pkix] [Errata Held for Document Update] RFC4055 (5325)
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pkix/>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Oct 2018 15:37:11 -0000

The following errata report has been held for document update 
for RFC4055, "Additional Algorithms and Identifiers for RSA Cryptography for use in the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile". 

--------------------------------------
You may review the report below and at:
http://www.rfc-editor.org/errata/eid5325

--------------------------------------
Status: Held for Document Update
Type: Editorial

Reported by: Ryan Sleevi <ryan-ietf@sleevi.com>;
Date Reported: 2018-04-13
Held by: Benjamin Kaduk (IESG)

Section: 4055

Original Text
-------------
If the keyUsage extension is present in a certificate conveys an RSA
public key with the id-RSAES-OAEP object identifier, then the
keyUsage extension MUST contain only the following values:


Corrected Text
--------------
If the keyUsage extension is present in a certificate that conveys an
RSA public key with the id-RSAES-OAEP object identifier, then the
keyUsage extension MUST contain only the following values:


Notes
-----
The certificate, rather than the keyUsage extension, conveys the id-RSAES-OAEP OID.

This was likely a typo based on the wording of the previous paragraph, "When a certificate conveys an RSA public key". This aligns the language with the paragraph earlier in this section, "If the keyUsage extension is present in an end-entity certificate that conveys an RSA public key".

--------------------------------------
RFC4055 (draft-ietf-pkix-rsa-pkalgs-03)
--------------------------------------
Title               : Additional Algorithms and Identifiers for RSA Cryptography for use in the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
Publication Date    : June 2005
Author(s)           : J. Schaad, B. Kaliski, R. Housley
Category            : PROPOSED STANDARD
Source              : Public-Key Infrastructure (X.509)
Area                : Security
Stream              : IETF
Verifying Party     : IESG