Re: [sidr] Fwd: [Errata Rejected] RFC6487 (3168)
Andrew Chi <achi@bbn.com> Mon, 06 May 2013 15:03 UTC
Return-Path: <achi@bbn.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6B0FD21F93EB for <sidr@ietfa.amsl.com>; Mon, 6 May 2013 08:03:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6eg0DaI1As4o for <sidr@ietfa.amsl.com>; Mon, 6 May 2013 08:03:07 -0700 (PDT)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.1.81]) by ietfa.amsl.com (Postfix) with ESMTP id 4C3E121F93EF for <sidr@ietf.org>; Mon, 6 May 2013 08:03:06 -0700 (PDT)
Received: from dhcp89-089-010.bbn.com ([128.89.89.10]:54365 helo=[127.0.0.1]) by smtp.bbn.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from <achi@bbn.com>) id 1UZMwR-000Muw-2D; Mon, 06 May 2013 11:03:03 -0400
Message-ID: <5187C623.7070600@bbn.com>
Date: Mon, 06 May 2013 11:02:59 -0400
From: Andrew Chi <achi@bbn.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20130328 Thunderbird/17.0.5
MIME-Version: 1.0
To: stbryant@cisco.com
References: <20130506122439.12042B1E003@rfc-editor.org> <5187A268.5010703@cisco.com>
In-Reply-To: <5187A268.5010703@cisco.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: "sidr-chairs@tools.ietf.org" <sidr-chairs@tools.ietf.org>, sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] Fwd: [Errata Rejected] RFC6487 (3168)
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 May 2013 15:03:12 -0000
Is this really a technical change? The document has two places that state X, and one place (citing 5280) that states Y. This erratum replaces the Y statement with X. All implementers have already implemented X since it's the stricter form of Y. X = no other extensions are allowed Y = non-critical extensions MAY be ignored If this truly is a technical change, then we should have an update doc. But I'm just trying to minimize needless words. Andrew On 5/6/2013 8:30 AM, Stewart Bryant wrote: > > Whilst this change was supported by one author and one of the chairs, > it is a technical change and thus outside the scope of change > permitted in an errata. > > The correct approach is for a member of the WG to produce a > short update draft and test that this has WG and IETF consensus. > > Please can the chairs drive this process. > > - Stewart > > > -------- Original Message -------- > Subject: [Errata Rejected] RFC6487 (3168) > Date: Mon, 6 May 2013 05:24:39 -0700 > From: RFC Errata System <rfc-editor@rfc-editor.org> > To: <dmandelb@bbn.com>, <gih@apnic.net>, <ggm@apnic.net>, > <robertl@apnic.net> > CC: <stbryant@cisco.com>, <iesg@ietf.org>, <rfc-editor@rfc-editor.org> > > > > The following errata report has been rejected for RFC6487, > "A Profile for X.509 PKIX Resource Certificates". > > -------------------------------------- > You may review the report below and at: > http://www.rfc-editor.org/errata_search.php?rfc=6487&eid=3168 > > -------------------------------------- > Status: Rejected > Type: Technical > > Reported by: David Mandelberg<dmandelb@bbn.com> > Date Reported: 2012-03-26 > Rejected by: Stewart Bryant (IESG) > > Section: 4.8 > > Original Text > ------------- > or non-critical. A certificate-using system MUST reject the > > certificate if it encounters a critical extension it does not > > recognize; however, a non-critical extension MAY be ignored if it is > > not recognized [RFC5280]. > > Corrected Text > -------------- > or non-critical. A certificate-using system MUST reject the > > certificate if it encounters an extension not explicitly mentioned > > in this document. This is in contrast to RFC 5280 which allows > > non-critical extensions to be ignored. > > Notes > ----- > Other sections of the same document contradict the original section 4.8: > > > > Section 1: > > > > Any extensions not explicitly mentioned MUST be absent. The same > > applies to the CRLs used in the RPKI, that are also profiled in this > > document. > > > > Section 8: > > > > Certificate Extensions: > > This profile does not permit the use of any other critical or > > non-critical extensions. > --VERIFIER NOTES-- > This is a technical change to the RFC and needs to be addressed though the IETF consensus process and rather than via the errata process. > > -------------------------------------- > RFC6487 (draft-ietf-sidr-res-certs-22) > -------------------------------------- > Title : A Profile for X.509 PKIX Resource Certificates > Publication Date : February 2012 > Author(s) : G. Huston, G. Michaelson, R. Loomans > Category : PROPOSED STANDARD > Source : Secure Inter-Domain Routing > Area : Routing > Stream : IETF > Verifying Party : IESG > > . > > > > > > _______________________________________________ > sidr mailing list > sidr@ietf.org > https://www.ietf.org/mailman/listinfo/sidr >
- [sidr] [Technical Errata Reported] RFC6487 (3168) RFC Errata System
- Re: [sidr] [Technical Errata Reported] RFC6487 (3… Robert Loomans
- Re: [sidr] [Technical Errata Reported] RFC6487 (3… Geoff Huston
- Re: [sidr] [Technical Errata Reported] RFC6487 (3… Murphy, Sandra
- Re: [sidr] [Technical Errata Reported] RFC6487 (3… Murphy, Sandra
- [sidr] Fwd: [Errata Rejected] RFC6487 (3168) Stewart Bryant
- Re: [sidr] Fwd: [Errata Rejected] RFC6487 (3168) Andrew Chi
- Re: [sidr] [Errata Rejected] RFC6487 (3168) Danny McPherson
- Re: [sidr] [Errata Rejected] RFC6487 (3168) Stewart Bryant