[smime] [Technical Errata Reported] RFC5652 (6250)
RFC Errata System <rfc-editor@rfc-editor.org> Thu, 06 August 2020 21:58 UTC
Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: smime@ietfa.amsl.com
Delivered-To: smime@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF8A43A0788 for <smime@ietfa.amsl.com>; Thu, 6 Aug 2020 14:58:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a0XQxqvOIJtx for <smime@ietfa.amsl.com>; Thu, 6 Aug 2020 14:58:23 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5C1793A0786 for <smime@ietf.org>; Thu, 6 Aug 2020 14:58:23 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id 240BFF40757; Thu, 6 Aug 2020 14:58:15 -0700 (PDT)
To: housley@vigilsec.com, rdd@cert.org, kaduk@mit.edu, paul.hoffman@vpnc.org, blaker@gmail.com
X-PHP-Originating-Script: 30:errata_mail_lib.php
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: housley@vigilsec.com, smime@ietf.org, rfc-editor@rfc-editor.org
Content-Type: text/plain; charset="UTF-8"
Message-Id: <20200806215815.240BFF40757@rfc-editor.org>
Date: Thu, 06 Aug 2020 14:58:15 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/smime/ctil8Wldco1Sk441Z5xV-t14PQU>
Subject: [smime] [Technical Errata Reported] RFC5652 (6250)
X-BeenThere: smime@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SMIME Working Group <smime.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/smime>, <mailto:smime-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/smime/>
List-Post: <mailto:smime@ietf.org>
List-Help: <mailto:smime-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/smime>, <mailto:smime-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Aug 2020 21:58:25 -0000
The following errata report has been submitted for RFC5652, "Cryptographic Message Syntax (CMS)". -------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid6250 -------------------------------------- Type: Technical Reported by: Russ Housley <housley@vigilsec.com> Section: 9.2 Original Text ------------- If the authAttrs field is present, the content-type attribute (as described in Section 11.1) and the message-digest attribute (as described in Section 11.2) MUST be included, and the input to the MAC calculation process is the DER encoding of authAttrs. A separate encoding of the authAttrs field is performed for message digest calculation. The IMPLICIT [2] tag in the authAttrs field is not used for the DER encoding, rather an EXPLICIT SET OF tag is used. That is, the DER encoding of the SET OF tag, rather than of the IMPLICIT [2] tag, is to be included in the message digest calculation along with the length and content octets of the authAttrs value. Corrected Text -------------- If the authAttrs field is present, the content-type attribute (as described in Section 11.1) and the message-digest attribute (as described in Section 11.2) MUST be included, and the input to the MAC calculation process is the DER encoding of authAttrs. A separate encoding of the authAttrs field is performed for message digest calculation. The IMPLICIT [2] tag in the authAttrs field is not used for the DER encoding, rather an EXPLICIT SET OF tag is used. That is, the DER encoding of the SET OF tag, rather than of the IMPLICIT [2] tag, is to be included in the MAC calculation along with the length and content octets of the authAttrs value. Notes ----- The paragraph is talking about the input to a MAC calculation, not the input to message digest calculation. Instructions: ------------- This erratum is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party can log in to change the status and edit the report, if necessary. -------------------------------------- RFC5652 (draft-ietf-smime-rfc3852bis-00) -------------------------------------- Title : Cryptographic Message Syntax (CMS) Publication Date : September 2009 Author(s) : R. Housley Category : DRAFT STANDARD Source : S/MIME Mail Security Area : Security Stream : IETF Verifying Party : IESG
- [smime] [Technical Errata Reported] RFC5652 (6250) RFC Errata System
- Re: [smime] [Technical Errata Reported] RFC5652 (… Jim Schaad