[smime] [Errata Rejected] RFC5652 (5331)

RFC Errata System <rfc-editor@rfc-editor.org> Fri, 27 April 2018 05:30 UTC

Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: smime@ietfa.amsl.com
Delivered-To: smime@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C2CA812D94A; Thu, 26 Apr 2018 22:30:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s9sJYYa0b2v4; Thu, 26 Apr 2018 22:30:13 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E145E1200FC; Thu, 26 Apr 2018 22:30:13 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id BC98AB82EEF; Thu, 26 Apr 2018 22:29:38 -0700 (PDT)
To: thomas.stimm@escrypt.com, housley@vigilsec.com
X-PHP-Originating-Script: 30:errata_mail_lib.php
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: ekr@rtfm.com, iesg@ietf.org, smime@ietf.org, rfc-editor@rfc-editor.org
Content-Type: text/plain; charset=UTF-8
Message-Id: <20180427052938.BC98AB82EEF@rfc-editor.org>
Date: Thu, 26 Apr 2018 22:29:38 -0700 (PDT)
Archived-At: <https://mailarchive.ietf.org/arch/msg/smime/TB_AzwMB8UzwlbSej3Fn_9xcC60>
Subject: [smime] [Errata Rejected] RFC5652 (5331)
X-BeenThere: smime@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: SMIME Working Group <smime.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/smime>, <mailto:smime-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/smime/>
List-Post: <mailto:smime@ietf.org>
List-Help: <mailto:smime-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/smime>, <mailto:smime-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Apr 2018 05:30:16 -0000

The following errata report has been rejected for RFC5652,
"Cryptographic Message Syntax (CMS)".

--------------------------------------
You may review the report below and at:
http://www.rfc-editor.org/errata/eid5331

--------------------------------------
Status: Rejected
Type: Technical

Reported by: Thomas Stimm <thomas.stimm@escrypt.com>;
Date Reported: 2018-04-23
Rejected by: Eric Rescorla (IESG)

Section: 6.1 and 8

Original Text
-------------
EncryptedData ::= SEQUENCE {
   version CMSVersion,
   encryptedContentInfo EncryptedContentInfo,
   unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL }

EncryptedContentInfo ::= SEQUENCE {
   contentType ContentType,
   contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
   encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL }


Corrected Text
--------------
EncryptedData ::= SEQUENCE {
   version CMSVersion,
   encryptedContentInfo EncryptedContentInfo,
   encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL,
   unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL }

EncryptedContentInfo ::= SEQUENCE {
   contentType ContentType,
   contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier }


Notes
-----
- Wrong enumeration of UnprotectedAttributes OPTIONAL [1] instead of [0]. 
- ‘UnprotectedAttributes OPTIONAL’ makes only sense, if ‘EncryptedContent OPTIONAL’ is available.
- It seems that OpenSSL and wolfSSL are using the suggested wrapping and are not following the RFC, here.
 --VERIFIER NOTES-- 
   Misunderstanding of the specification

--------------------------------------
RFC5652 (draft-ietf-smime-rfc3852bis-00)
--------------------------------------
Title               : Cryptographic Message Syntax (CMS)
Publication Date    : September 2009
Author(s)           : R. Housley
Category            : DRAFT STANDARD
Source              : S/MIME Mail Security
Area                : Security
Stream              : IETF
Verifying Party     : IESG