IETF Logo Mail Archive

Re: [pkix] [Technical Errata Reported] RFC5912 (3623)

"Jim Schaad" <jimsch@augustcellars.com> Thu, 16 May 2013 15:23 UTC

Return-Path: <jimsch@augustcellars.com>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D09D521F86F7 for <pkix@ietfa.amsl.com>; Thu, 16 May 2013 08:23:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level:
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aqg60WArYB6L for <pkix@ietfa.amsl.com>; Thu, 16 May 2013 08:23:10 -0700 (PDT)
Received: from smtp4.pacifier.net (smtp4.pacifier.net [64.255.237.176]) by ietfa.amsl.com (Postfix) with ESMTP id 8B6E221F9227 for <pkix@ietf.org>; Thu, 16 May 2013 08:23:10 -0700 (PDT)
Received: from Philemon (unknown [88.214.187.250]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: jimsch@nwlink.com) by smtp4.pacifier.net (Postfix) with ESMTPSA id 2607C38F1A; Thu, 16 May 2013 08:22:59 -0700 (PDT)
From: Jim Schaad <jimsch@augustcellars.com>
To: 'RFC Errata System' <rfc-editor@rfc-editor.org>, paul.hoffman@vpnc.org, jimsch@exmsft.com, stephen.farrell@cs.tcd.ie, turners@ieca.com, kent@bbn.com, stefan@aaa-sec.com
References: <20130516110751.438AC62103@rfc-editor.org>
In-Reply-To: <20130516110751.438AC62103@rfc-editor.org>
Date: Thu, 16 May 2013 16:22:00 +0100
Message-ID: <05f301ce5249$28be3f50$7a3abdf0$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQKuR1tHlnNqYs/us1ZC1fWGtUuH3ZdIA0ug
Content-Language: en-us
X-Mailman-Approved-At: Thu, 16 May 2013 08:37:05 -0700
Cc: pkix@ietf.org
Subject: Re: [pkix] [Technical Errata Reported] RFC5912 (3623)
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pkix>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 May 2013 15:24:00 -0000

Reject

The serial number MUST be a positive integer assigned by the CA to
   each certificate.


> -----Original Message-----
> From: RFC Errata System [mailto:rfc-editor@rfc-editor.org]
> Sent: Thursday, May 16, 2013 12:08 PM
> To: paul.hoffman@vpnc.org; jimsch@exmsft.com; stephen.farrell@cs.tcd.ie;
> turners@ieca.com; kent@bbn.com; stefan@aaa-sec.com
> Cc: carl@redhoundsoftware.com; pkix@ietf.org; rfc-editor@rfc-editor.org
> Subject: [Technical Errata Reported] RFC5912 (3623)
> 
> The following errata report has been submitted for RFC5912, "New ASN.1
> Modules for the Public Key Infrastructure Using X.509 (PKIX)".
> 
> --------------------------------------
> You may review the report below and at:
> http://www.rfc-editor.org/errata_search.php?rfc=5912&eid=3623
> 
> --------------------------------------
> Type: Technical
> Reported by: Carl Wallace <carl@redhoundsoftware.com>
> 
> Section: 14
> 
> Original Text
> -------------
>    -- CRL number extension OID and syntax
>    ext-CRLNumber EXTENSION ::= {SYNTAX
>        INTEGER (0..MAX) IDENTIFIED BY id-ce-cRLNumber }
>    id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 }
> 
>    CRLNumber ::= INTEGER (0..MAX)
> 
> Corrected Text
> --------------
>    -- CRL number extension OID and syntax
>    CRLNumber ::= INTEGER
> 
>    ext-CRLNumber EXTENSION ::= {SYNTAX
>        CRLNumber IDENTIFIED BY id-ce-cRLNumber }
>    id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 }
> 
> 
> Notes
> -----
> The CRLNumber extension was not defined to use the CRLNumber type.  The
> CRLNumber type uses MAX to limit the maximum value.  This limitation is
> inconsistent with section 5.2.3 and Appendix B, which allow CRLNumber
> values up to 20 octets in length.
> 
> Instructions:
> -------------
> This errata is currently posted as "Reported". If necessary, please use
"Reply
> All" to discuss whether it should be verified or rejected. When a decision
is
> reached, the verifying party (IESG) can log in to change the status and
edit the
> report, if necessary.
> 
> --------------------------------------
> RFC5912 (draft-ietf-pkix-new-asn1-08)
> --------------------------------------
> Title               : New ASN.1 Modules for the Public Key Infrastructure
Using
> X.509 (PKIX)
> Publication Date    : June 2010
> Author(s)           : P. Hoffman, J. Schaad
> Category            : INFORMATIONAL
> Source              : Public-Key Infrastructure (X.509)
> Area                : Security
> Stream              : IETF
> Verifying Party     : IESG

v2.23.0 | Report a Bug | By Email