[smime] [Errata Verified] RFC5652 (6250)

RFC Errata System <rfc-editor@rfc-editor.org> Fri, 07 August 2020 05:00 UTC

Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: smime@ietfa.amsl.com
Delivered-To: smime@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 53CF03A0901; Thu, 6 Aug 2020 22:00:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 37L9buTJvUxd; Thu, 6 Aug 2020 22:00:44 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CA3DD3A0906; Thu, 6 Aug 2020 22:00:43 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id F1740F4074E; Thu, 6 Aug 2020 22:00:34 -0700 (PDT)
To: housley@vigilsec.com, housley@vigilsec.com
X-PHP-Originating-Script: 30:errata_mail_lib.php
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: kaduk@mit.edu, iesg@ietf.org, smime@ietf.org, rfc-editor@rfc-editor.org
Content-Type: text/plain; charset=UTF-8
Message-Id: <20200807050034.F1740F4074E@rfc-editor.org>
Date: Thu, 6 Aug 2020 22:00:34 -0700 (PDT)
Archived-At: <https://mailarchive.ietf.org/arch/msg/smime/yWlu3zhf3QOeSxApAyn2tqpfqL8>
Subject: [smime] [Errata Verified] RFC5652 (6250)
X-BeenThere: smime@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SMIME Working Group <smime.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/smime>, <mailto:smime-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/smime/>
List-Post: <mailto:smime@ietf.org>
List-Help: <mailto:smime-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/smime>, <mailto:smime-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Aug 2020 05:00:46 -0000

The following errata report has been verified for RFC5652,
"Cryptographic Message Syntax (CMS)". 

--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid6250

--------------------------------------
Status: Verified
Type: Technical

Reported by: Russ Housley <housley@vigilsec.com>
Date Reported: 2020-08-06
Verified by: Benjamin Kaduk (IESG)

Section: 9.2

Original Text
-------------
   If the authAttrs field is present, the content-type attribute (as
   described in Section 11.1) and the message-digest attribute (as
   described in Section 11.2) MUST be included, and the input to the MAC
   calculation process is the DER encoding of authAttrs.  A separate
   encoding of the authAttrs field is performed for message digest
   calculation.  The IMPLICIT [2] tag in the authAttrs field is not used
   for the DER encoding, rather an EXPLICIT SET OF tag is used.  That
   is, the DER encoding of the SET OF tag, rather than of the IMPLICIT
   [2] tag, is to be included in the message digest calculation along
   with the length and content octets of the authAttrs value.

Corrected Text
--------------
   If the authAttrs field is present, the content-type attribute (as
   described in Section 11.1) and the message-digest attribute (as
   described in Section 11.2) MUST be included, and the input to the MAC
   calculation process is the DER encoding of authAttrs.  A separate
   encoding of the authAttrs field is performed for message digest
   calculation.  The IMPLICIT [2] tag in the authAttrs field is not used
   for the DER encoding, rather an EXPLICIT SET OF tag is used.  That
   is, the DER encoding of the SET OF tag, rather than of the IMPLICIT
   [2] tag, is to be included in the MAC calculation along
   with the length and content octets of the authAttrs value.

Notes
-----
The paragraph is talking about the input to a MAC calculation, not the input to message digest calculation.

--------------------------------------
RFC5652 (draft-ietf-smime-rfc3852bis-00)
--------------------------------------
Title               : Cryptographic Message Syntax (CMS)
Publication Date    : September 2009
Author(s)           : R. Housley
Category            : DRAFT STANDARD
Source              : S/MIME Mail Security
Area                : Security
Stream              : IETF
Verifying Party     : IESG