[smime] [Technical Errata Reported] RFC5753 (4777)
RFC Errata System <rfc-editor@rfc-editor.org> Sat, 13 August 2016 21:34 UTC
Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: smime@ietfa.amsl.com
Delivered-To: smime@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 87E5112D5BE for <smime@ietfa.amsl.com>; Sat, 13 Aug 2016 14:34:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.869
X-Spam-Level:
X-Spam-Status: No, score=-103.869 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.247, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5XGpMunFGUYA for <smime@ietfa.amsl.com>; Sat, 13 Aug 2016 14:34:21 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3106712D5B2 for <smime@ietf.org>; Sat, 13 Aug 2016 14:34:21 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id 15CF8B80D57; Sat, 13 Aug 2016 14:34:21 -0700 (PDT)
To: turners@ieca.com, dbrown@certicom.com, stephen.farrell@cs.tcd.ie, Kathleen.Moriarty.ietf@gmail.com, paul.hoffman@vpnc.org, blaker@gmail.com
X-PHP-Originating-Script: 30:errata_mail_lib.php
From: RFC Errata System <rfc-editor@rfc-editor.org>
Message-Id: <20160813213421.15CF8B80D57@rfc-editor.org>
Date: Sat, 13 Aug 2016 14:34:21 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/smime/fokddNk5izTevkIQRb3TMTTCWrk>
Cc: ietf@augustcellars.com, rfc-editor@rfc-editor.org, smime@ietf.org
Subject: [smime] [Technical Errata Reported] RFC5753 (4777)
X-BeenThere: smime@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: SMIME Working Group <smime.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/smime>, <mailto:smime-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/smime/>
List-Post: <mailto:smime@ietf.org>
List-Help: <mailto:smime-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/smime>, <mailto:smime-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 13 Aug 2016 21:34:22 -0000
The following errata report has been submitted for RFC5753, "Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS)". -------------------------------------- You may review the report below and at: http://www.rfc-editor.org/errata_search.php?rfc=5753&eid=4777 -------------------------------------- Type: Technical Reported by: Jim Schaad <ietf@augustcellars.com> Section: 3.1.1 Original Text ------------- - originator MUST be the alternative originatorKey. The originatorKey algorithm field MUST contain the id-ecPublicKey object identifier (see Section 7.1.2). The parameters associated with id-ecPublicKey MUST be absent, ECParameters, or NULL. The parameters associated with id-ecPublicKey SHOULD be absent or ECParameters, and NULL is allowed to support legacy implementations. The previous version of this document required NULL to be present. If the parameters are ECParameters, then they MUST be namedCurve. The originatorKey publicKey field MUST contain the DER encoding of the value of the ASN.1 type ECPoint (see Section 7.2), which represents the sending agent's ephemeral EC public key. The ECPoint in uncompressed form MUST be supported. Corrected Text -------------- - originator MUST be the alternative originatorKey. The originatorKey algorithm field MUST contain the id-ecPublicKey object identifier (see Section 7.1.2). The parameters associated with id-ecPublicKey MUST be absent, ECParameters, or NULL. The parameters associated with id-ecPublicKey SHOULD be absent or ECParameters, and NULL is allowed to support legacy implementations. The previous version of this document required NULL to be present. If the parameters are ECParameters, then they MUST be namedCurve. The originatorKey publicKey field MUST contain the encoded public key as defined in [X9.62]. The hybred form MUST NOT be used. The ECPoint in uncompressed form MUST be supported. This mirrors the same format used in public key certificates as defined in Section 2.2 of [RFC5480]. Notes ----- There is a problem in that for ECPoints, the public key is defined to be encoded differently in this document than it is in a public key certificate. The difference is the presence of the ASN.1 OCTET STRING wrapper. OpenSSL and BouncyCastle both use the unwrapped version per Dr. Stephen Henson note to me in mail. This error is also present in sections 3.1.2, 3.1.3, 3.2.1, 3.2.2, 7.2 Instructions: ------------- This erratum is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party (IESG) can log in to change the status and edit the report, if necessary. -------------------------------------- RFC5753 (draft-ietf-smime-3278bis-09) -------------------------------------- Title : Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS) Publication Date : January 2010 Author(s) : S. Turner, D. Brown Category : INFORMATIONAL Source : S/MIME Mail Security Area : Security Stream : IETF Verifying Party : IESG
- Re: [smime] [Technical Errata Reported] RFC5753 (… Jim Schaad
- Re: [smime] [Technical Errata Reported] RFC5753 (… Paul Hoffman
- [smime] [Technical Errata Reported] RFC5753 (4777) RFC Errata System