[TLS] [Editorial Errata Reported] RFC2712 (5432)

RFC Errata System <rfc-editor@rfc-editor.org> Fri, 20 July 2018 09:24 UTC

To: amedvins@excitecorp.com, matt.hur@cybersafe.com, kaduk@mit.edu, ekr@rtfm.com, christopherwood07@gmail.com, joe@salowey.net, sean+ietf@sn3rd.com
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: eugene.adell@gmail.com, tls@ietf.org, rfc-editor@rfc-editor.org
Content-Type: text/plain; charset="UTF-8"
Message-Id: <20180720092410.35CE3B80D6E@rfc-editor.org>
Date: Fri, 20 Jul 2018 02:24:10 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/-sp-4LVOmJRaaOL5LgY1CXT_Xhc>
Subject: [TLS] [Editorial Errata Reported] RFC2712 (5432)

The following errata report has been submitted for RFC2712,
"Addition of Kerberos Cipher Suites to Transport Layer Security (TLS)".

--------------------------------------
You may review the report below and at:
http://www.rfc-editor.org/errata/eid5432

--------------------------------------
Type: Editorial
Reported by: Eugene Adell <eugene.adell@gmail.com>

Section: Appendix

Original Text
-------------


Corrected Text
--------------
Appendix

   RFC 2712 introduces new cipher suites values, starting with the
   cipher value { 0x00, 0x1E }.
   This cipher value was earlier known as a Fortezza cipher suite,
   and this could lead to a conflict.

Notes
-----
Erratum 5409 was rejected, and it was suggested that I post another one at this place.

RFC 2712 (Addition of Kerberos Cipher Suites to Transport Layer Security) in its Draft 01 version introduces new cipher suite values, three of which collide with the Fortezza cipher suites. The Draft 02 version partially corrects that by shifting all of the Kerberos cipher suite values by two.
This omission of the third Fortezza cipher suite has never been corrected, and this remains in the same state in the final RFC 2712. As a result, the cipher suite value { 0x00, 0x1E } is now officially known as a Kerberos one.

Although not themselves documented by any RFC, the two non-conflicting Fortezza cipher suites are mentioned in the same note in the TLS protocol RFCs (2246, 4346, 5246). This gives an explanation of how the Kerberos cipher suite values were chosen.

Instructions:
-------------
This erratum is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party  
can log in to change the status and edit the report, if necessary. 

--------------------------------------
RFC2712 (draft-ietf-tls-kerb-cipher-suites-04)
--------------------------------------
Title               : Addition of Kerberos Cipher Suites to Transport Layer Security (TLS)
Publication Date    : October 1999
Author(s)           : A. Medvinsky, M. Hur
Category            : PROPOSED STANDARD
Source              : Transport Layer Security
Area                : Security
Stream              : IETF
Verifying Party     : IESG
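
Added example, not part of the original message or of RFC 2712: a short Python check of the collision the erratum describes, plus a labeller for cipher-suite lists that flags the shared code point instead of silently naming it. The function names are hypothetical, the Fortezza values are taken from the SSL 3.0 specification (RFC 6101), the pre-shift numbering is inferred by undoing the shift by two described in the Notes, and choosing a name by client_version is an assumed heuristic.

```python
import struct

# SSL 3.0 Fortezza code points, as listed in RFC 6101 (the SSL 3.0 spec).
FORTEZZA_SSL3 = {
    0x001C: "SSL_FORTEZZA_KEA_WITH_NULL_SHA",
    0x001D: "SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA",
    0x001E: "SSL_FORTEZZA_KEA_WITH_RC4_128_SHA",
}
# RFC 2712 suites in code-point order; the first one is { 0x00, 0x1E }.
KRB5_BASE = 0x001E
KRB5_ORDER = [
    "WITH_DES_CBC_SHA", "WITH_3DES_EDE_CBC_SHA", "WITH_RC4_128_SHA",
    "WITH_IDEA_CBC_SHA", "WITH_DES_CBC_MD5", "WITH_3DES_EDE_CBC_MD5",
    "WITH_RC4_128_MD5", "WITH_IDEA_CBC_MD5", "EXPORT_WITH_DES_CBC_40_SHA",
    "EXPORT_WITH_RC2_CBC_40_SHA", "EXPORT_WITH_RC4_40_SHA",
    "EXPORT_WITH_DES_CBC_40_MD5", "EXPORT_WITH_RC2_CBC_40_MD5",
    "EXPORT_WITH_RC4_40_MD5",
]

def krb5_table(base=KRB5_BASE):
    """Map code points to RFC 2712 names, numbering from `base`."""
    return {base + i: "TLS_KRB5_" + s for i, s in enumerate(KRB5_ORDER)}

def collisions(base):
    """Code points a Kerberos block starting at `base` shares with Fortezza."""
    return sorted(set(krb5_table(base)) & set(FORTEZZA_SSL3))

def parse_cipher_suites(vector):
    """Parse a ClientHello cipher_suites vector: uint16 length, uint16 entries."""
    if len(vector) < 2:
        raise ValueError("truncated cipher_suites vector")
    (length,) = struct.unpack_from("!H", vector)
    body = vector[2:]
    if length != len(body) or length % 2:
        raise ValueError("malformed cipher_suites vector")
    return [code for (code,) in struct.iter_unpack("!H", body)]

def label(code, version):
    """Return (name, ambiguous). Assumption: choose by client_version,
    (3, 0) meaning SSL 3.0; callers should still surface the flag."""
    krb, fz = krb5_table().get(code), FORTEZZA_SSL3.get(code)
    if krb and fz:
        return (fz if version == (3, 0) else krb), True
    return (krb or fz or "0x%04X" % code), False

SAMPLE = bytes.fromhex("0006001e002f001d")  # constructed: 0x001E, 0x002F, 0x001D

if __name__ == "__main__":
    for base in (KRB5_BASE - 2, KRB5_BASE):  # before/after the shift by two
        print(hex(base), [hex(c) for c in collisions(base)])
    print([label(c, (3, 3)) for c in parse_cipher_suites(SAMPLE)])
```

A scanner or log parser that names suites from a single flat table will report { 0x00, 0x1E } under whichever name was loaded last; carrying the ambiguity flag through to the output avoids that.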