[smime] Correction: [Technical Errata Reported] RFC5751 (2031) WAS: Technical Errata Reported] RFC5751 (10000)
rfc-editor@rfc-editor.org Tue, 02 February 2010 00:11 UTC
Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: smime@core3.amsl.com
Delivered-To: smime@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9AA3B3A69EE for <smime@core3.amsl.com>; Mon, 1 Feb 2010 16:11:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.568
X-Spam-Level:
X-Spam-Status: No, score=-2.568 tagged_above=-999 required=5 tests=[AWL=0.032, BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XctrYSF+2Mf6 for <smime@core3.amsl.com>; Mon, 1 Feb 2010 16:11:48 -0800 (PST)
Received: from rfc-editor.org (rfc-editor.org [IPv6:2001:1890:1112:1::2f]) by core3.amsl.com (Postfix) with ESMTP id A5E3E3A69CA for <smime@ietf.org>; Mon, 1 Feb 2010 16:11:46 -0800 (PST)
Received: by rfc-editor.org (Postfix, from userid 30) id 80101130001; Mon, 1 Feb 2010 16:12:21 -0800 (PST)
To: Blake Ramsdell <blaker@gmail.com>, Sean Turner <turners@ieca.com>, Tim Polk <tim.polk@nist.gov>, Eronen Pasi <pasi.eronen@nokia.com>
From: rfc-editor@rfc-editor.org
Message-Id: <20100202001221.80101130001@rfc-editor.org>
Date: Mon, 01 Feb 2010 16:12:21 -0800
Cc: rfc-editor@rfc-editor.org, Derek.Edson@sss.co.nz, smime@ietf.org
Subject: [smime] Correction: [Technical Errata Reported] RFC5751 (2031) WAS: Technical Errata Reported] RFC5751 (10000)
X-BeenThere: smime@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: SMIME Working Group <smime.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/smime>, <mailto:smime-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/smime>
List-Post: <mailto:smime@ietf.org>
List-Help: <mailto:smime-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/smime>, <mailto:smime-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Feb 2010 00:11:54 -0000
Correction: Please note that the Errata ID assigned to this report has changed. It is now 2031. You may view the report below and at: http://www.rfc-editor.org/errata_search.php?rfc=5751&eid=2031 Apologies for the inconvenience. Thank you. RFC Editor/ah On Feb 1, 2010, at 5:48 PM, RFC Errata System wrote: > > The following errata report has been submitted for RFC5751, > "Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 Message Specification". > [removed incorrect URL] > > -------------------------------------- > Type: Technical > Reported by: Derek Edson <Derek.Edson@sss.co.nz> > > Section: 3.4.3.2 > > Original Text > ------------- > The micalg parameter allows for one-pass processing when the > signature is being verified. The value of the micalg parameter is > dependent on the message digest algorithm(s) used in the calculation > of the Message Integrity Check. If multiple message digest > algorithms are used, they MUST be separated by commas per [MIME- > SECURE]. The values to be placed in the micalg parameter SHOULD be > from the following: > > Algorithm Value Used > > MD5 md5 > SHA-1 sha-1 > SHA-224 sha-224 > SHA-256 sha-256 > SHA-384 sha-384 > SHA-512 sha-512 > Any other (defined separately in algorithm profile or "unknown" > if not defined) > > (Historical note: some early implementations of S/MIME emitted and > expected "rsa-md5", "rsa-sha1", and "sha1" for the micalg parameter.) > Receiving agents SHOULD be able to recover gracefully from a micalg > parameter value that they do not recognize. Future names for this > parameter will be consistent with the IANA "Hash Function Textual > Names" registry. > > > Corrected Text > -------------- > > > Notes > ----- > This revision creates a backward compatibility issue with S/MIME v2, S/MIME v3 and S/MIME v3.1 agents. In each of the previous (obsoleted) standards, they all refer to the micalg for SHA-1 as "sha1" and not "sha-1". > > The historical note should mean that v3.2 agents will recognize "sha1" as emitted by earlier implementations, but these implementations are unlikely to recognize the micalg value of "sha-1" emitted by a v3.2 agent. > > All previous standards state that receiving agents SHOULD be able to handle this situation gracefully, but when these agents fail to recognize a micalg value, they can no longer perform a "one-pass processing". Given that this parameter is "required", the most likely implication is that they will fail to verify the signature. > > To ensure interoperability with clients supporting previous versions, the micalg for SHA-1 MUST remain as "sha1", and receiving agents SHOULD also accept "sha-1". > > The micalg parameters values have always been defined as "SHOULD", but for interoperability they should be declared as "MUST". > > Instructions: > ------------- > This errata is currently posted as "Reported". If necessary, please > use "Reply All" to discuss whether it should be verified or > rejected. When a decision is reached, the verifying party (IESG) > can log in to change the status and edit the report, if necessary. > > -------------------------------------- > RFC5751 (draft-ietf-smime-3851bis-11) > -------------------------------------- > Title : Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 Message Specification > Publication Date : January 2010 > Author(s) : B. Ramsdell, S. Turner > Category : PROPOSED STANDARD > Source : S/MIME Mail Security > Area : Security > Stream : IETF > Verifying Party : IESG