Re: [lamps] [Technical Errata Reported] RFC8398 (5418)

Wei Chuang <weihaw@google.com> Wed, 11 July 2018 21:49 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/BH7vUKutNq1rs-91w1Ndqemw3lg>

Hi all,

I agree with the errata report.  Background is that I've already been
discussing with Dmitry the bug, and suggested he file the errata so we can
make the change.  The bug is in the SmtpUTF8Mailbox OID
<https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#smi-numbers-1.3.6.1.5.5.7.8>
in the example <https://tools.ietf.org/html/rfc8398#appendix-B> found in
the Appendix.  I also agree with him that we can update the email address
to be consistent with the earlier example on page 6 in case the original is
confusing.

-Wei

On Wed, Jul 11, 2018 at 12:46 PM RFC Errata System <
rfc-editor@rfc-editor.org> wrote:

> The following errata report has been submitted for RFC8398,
> "Internationalized Email Addresses in X.509 Certificates".
>
> --------------------------------------
> You may review the report below and at:
> http://www.rfc-editor.org/errata/eid5418
>
> --------------------------------------
> Type: Technical
> Reported by: Belyavskiy Dmitry <beldmit@gmail.com>
>
> Section: Appendix B
>
> Original Text
> -------------
>    This non-normative example demonstrates using SmtpUTF8Mailbox as an
>    otherName in GeneralName to encode the email address
>    "u+8001u+5E2B@example.com".
>
>       The hexadecimal DER encoding of the email address is:
>       A022060A 2B060105 05070012 0809A014 0C12E880 81E5B8AB 40657861
>       6D706C65 2E636F6D
>
>       The text decoding is:
>         0  34: [0] {
>         2  10:   OBJECT IDENTIFIER '1 3 6 1 5 5 7 0 18 8 9'
>        14  20:   [0] {
>        16  18:     UTF8String '..@example.com'
>              :     }
>              :   }
>
>                                  Figure 2
>
>    The example was encoded on the OSS Nokalva ASN.1 Playground and the
>    above text decoding is an output of Peter Gutmann's "dumpasn1"
>    program.
>
>
> Corrected Text
> --------------
>    This non-normative example demonstrates using SmtpUTF8Mailbox as an
>    otherName in GeneralName to encode the email address
>    "u+533Bu+751F@u+5927u+5B66.example.com".
>
>    The hexadecimal DER encoding of the block is:
>    a0330608 2b060105 05070809 a0270c25 c3a5c28c c2bbc3a7 c294c29f
>    40c3a5c2 a4c2a7c3 a5c2adc2 a62e6578 616d706c 652e636f 6d
>
>
>    The text decoding is:
>      2  51: [0] {
>      4   8:   OBJECT IDENTIFIER '1 3 6 1 5 5 7 8 9'
>     14  39:   [0] {
>     16  37:     UTF8String '..@...example.com'
>           :     }
>           :   }
>
>                                  Figure 2
>
>    The example was encoded on the OSS Nokalva ASN.1 Playground and the
>    above text decoding is an output of Peter Gutmann's "dumpasn1"
>    program.
>
> Notes
> -----
> The OID used in Appendix B does not match the OID for
> id-on-SmtpUTF8Mailbox defined in "Appendix A.  ASN.1 Module" and is not
> mentioned anywhere in the RFC.
>
> Instructions:
> -------------
> This erratum is currently posted as "Reported". If necessary, please
> use "Reply All" to discuss whether it should be verified or
> rejected. When a decision is reached, the verifying party
> can log in to change the status and edit the report, if necessary.
>
> --------------------------------------
> RFC8398 (draft-ietf-lamps-eai-addresses-18)
> --------------------------------------
> Title               : Internationalized Email Addresses in X.509 Certificates
> Publication Date    : May 2018
> Author(s)           : A. Melnikov, Ed., W. Chuang, Ed.
> Category            : PROPOSED STANDARD
> Source              : Limited Additional Mechanisms for PKIX and SMIME
> Area                : Security
> Stream              : IETF
> Verifying Party     : IESG
>
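
The OID mismatch reported in the erratum can be checked mechanically. The following is an added example, not part of the original message or of RFC 8398: a small DER reader that walks both Appendix B encodings quoted above and compares the otherName type-id with id-on-SmtpUTF8Mailbox. The function and constant names are hypothetical; the hex strings are copied from the erratum.

```python
# Added example; names are hypothetical, hex is copied from the quoted erratum.
ID_ON_SMTP_UTF8_MAILBOX = "1.3.6.1.5.5.7.8.9"  # arcs shown in the corrected dump
ORIGINAL_HEX = """A022060A 2B060105 05070012 0809A014 0C12E880 81E5B8AB 40657861
6D706C65 2E636F6D"""
CORRECTED_HEX = """a0330608 2b060105 05070809 a0270c25 c3a5c28c c2bbc3a7 c294c29f
40c3a5c2 a4c2a7c3 a5c2adc2 a62e6578 616d706c 652e636f 6d"""

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER TLV at pos (single-byte tags)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("bad long-form length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(body):
    """Decode OBJECT IDENTIFIER contents (base-128 arcs) to dotted notation."""
    if not body or body[-1] & 0x80:
        raise ValueError("empty or unterminated OID")
    arcs, value = [], 0
    for b in body:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    first = arcs[0]  # the first two arcs share one sub-identifier
    head = [first // 40, first % 40] if first < 80 else [2, first - 80]
    return ".".join(str(a) for a in head + arcs[1:])

def parse_other_name(hex_text):
    """Parse [0] { type-id OID, [0] EXPLICIT UTF8String }; return (oid, bytes)."""
    der = bytes.fromhex("".join(hex_text.split()))
    tag, outer, end = read_tlv(der, 0)
    if tag != 0xA0 or end != len(der):
        raise ValueError("expected a single [0] otherName")
    tag, oid_body, pos = read_tlv(outer, 0)
    wrap_tag, wrapped, pos2 = read_tlv(outer, pos)
    str_tag, text, pos3 = read_tlv(wrapped, 0)
    if (tag, wrap_tag, str_tag) != (0x06, 0xA0, 0x0C):
        raise ValueError("unexpected tags inside otherName")
    if pos2 != len(outer) or pos3 != len(wrapped):
        raise ValueError("trailing bytes inside otherName")
    return decode_oid(oid_body), text

def is_smtp_utf8_mailbox(hex_text):
    return parse_other_name(hex_text)[0] == ID_ON_SMTP_UTF8_MAILBOX
```

A relying party that matches on the type-id, as this check does, would not recognize the original Appendix B encoding as an SmtpUTF8Mailbox at all.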