[sidr] [Errata Verified] RFC6487 (4080)
RFC Errata System <rfc-editor@rfc-editor.org> Thu, 04 December 2014 17:24 UTC
Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5295B1A3BA0; Thu, 4 Dec 2014 09:24:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.912
X-Spam-Level:
X-Spam-Status: No, score=-6.912 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vOyx9T5e_vBl; Thu, 4 Dec 2014 09:24:51 -0800 (PST)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) by ietfa.amsl.com (Postfix) with ESMTP id 41B6C1A889F; Thu, 4 Dec 2014 09:24:51 -0800 (PST)
Received: by rfc-editor.org (Postfix, from userid 30) id C0D91181CDC; Thu, 4 Dec 2014 09:24:16 -0800 (PST)
To: turners@ieca.com, gih@apnic.net, ggm@apnic.net, robertl@apnic.net
X-PHP-Originating-Script: 1005:errata_mail_lib.php
From: RFC Errata System <rfc-editor@rfc-editor.org>
Message-Id: <20141204172416.C0D91181CDC@rfc-editor.org>
Date: Thu, 04 Dec 2014 09:24:16 -0800
Archived-At: http://mailarchive.ietf.org/arch/msg/sidr/G5u_8SKlE_MGLwzq61pj93sK20c
Cc: rfc-editor@rfc-editor.org, akatlas@juniper.net, iesg@ietf.org, sidr@ietf.org
Subject: [sidr] [Errata Verified] RFC6487 (4080)
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Dec 2014 17:24:53 -0000
The following errata report has been verified for RFC6487, "A Profile for X.509 PKIX Resource Certificates". -------------------------------------- You may review the report below and at: http://www.rfc-editor.org/errata_search.php?rfc=6487&eid=4080 -------------------------------------- Status: Verified Type: Technical Reported by: Sean Turner <turners@ieca.com> Date Reported: 2014-08-12 Verified by: Alia Atlas (IESG) Section: 6.1.1 Original Text ------------- This field MAY be omitted. If present, the value of this field SHOULD be empty (i.e., NULL), in which case the CA MUST generate a subject name that is unique in the context of certificates issued by this CA. This field is allowed to be non-empty only for a re-key/reissuance request, and only if the CA has adopted a policy (in its Certificate Practice Statement (CPS)) that permits reuse of names in these circumstances. Corrected Text -------------- This field SHOULD be empty (i.e., NULL), in which case the CA MUST generate a subject name that is unique in the context of certificates issued by this CA. This field is allowed to be non-empty only for a re-key/reissuance request, and only if the CA has adopted a policy (in its Certificate Practice Statement (CPS)) that permits reuse of names in these circumstances. Notes ----- Submitted after consultation with the responsible AD and WG chairs. The subject field included in the PKCS#10 request can't be omitted because the ASN.1 in RFC 2986 doesnât allow subject to be omitted - thereâs no âOPTIONALâ in the ASN.1: CertificationRequestInfo ::= SEQUENCE { version INTEGER { v1(0) } (v1,...), subject Name, subjectPKInfo SubjectPublicKeyInfo{{ PKInfoAlgorithms }}, attributes [0] Attributes{{ CRIAttributes }} } In other words, four fields are included in every certificate request. If thereâs no subject field itâs a NULL (see RFC5280 for omitting subjects) and if thereâs no attributes itâs an empty sequence. version and subjectPKInfo (subject public key information) are always present. -------------------------------------- RFC6487 (draft-ietf-sidr-res-certs-22) -------------------------------------- Title : A Profile for X.509 PKIX Resource Certificates Publication Date : February 2012 Author(s) : G. Huston, G. Michaelson, R. Loomans Category : PROPOSED STANDARD Source : Secure Inter-Domain Routing Area : Routing Stream : IETF Verifying Party : IESG
- [sidr] [Technical Errata Reported] RFC6487 (4080) RFC Errata System
- Re: [sidr] [Technical Errata Reported] RFC6487 (4… Geoff Huston
- [sidr] [Errata Verified] RFC6487 (4080) RFC Errata System