Re: [TLS] [Editorial Errata Reported] RFC6176 (5536)

Sean Turner <sean@sn3rd.com> Mon, 18 March 2024 04:39 UTC

From: Sean Turner <sean@sn3rd.com>
In-Reply-To: <20181019133305.9E072B80922@rfc-editor.org>
Date: Mon, 18 Mar 2024 14:38:57 +1000
Cc: TLS List <tls@ietf.org>
Message-Id: <AD80B3BD-AACC-4224-AC7B-D10811F29D82@sn3rd.com>
References: <20181019133305.9E072B80922@rfc-editor.org>
To: Paul Wouters <paul.wouters@aiven.io>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/bR2JoOEr8uGjN2MPo-VXGFvmPgg>

Paul,

I think you can mark this one as verified.  I don’t think anybody is really confused by not citing 2446 in the 1st sentence but the quoted sentence is in RFC 2446 so as suggested the sentence is still true.

spt

> On Oct 19, 2018, at 23:33, RFC Errata System <rfc-editor@rfc-editor.org> wrote:
> 
> The following errata report has been submitted for RFC6176,
> "Prohibiting Secure Sockets Layer (SSL) Version 2.0".
> 
> --------------------------------------
> You may review the report below and at:
> http://www.rfc-editor.org/errata/eid5536
> 
> --------------------------------------
> Type: Editorial
> Reported by: Eugene Adell <eugene.adell@gmail.com>
> 
> Section: 1
> 
> Original Text
> -------------
>   RFC 4346 [TLS1.1], and later RFC 5246 [TLS1.2], explicitly warned
>   implementers that the "ability to send version 2.0 CLIENT-HELLO
>   messages will be phased out with all due haste".  This document
>   accomplishes this by updating the backward compatibility sections
>   found in TLS [TLS1.0][TLS1.1][TLS1.2].
> 
> Corrected Text
> --------------
>   RFC 2246 [TLS1.0], and later RFC 4346 [TLS1.1], then RFC 5246
>   [TLS1.2] explicitly warned implementers that the "ability to send
>   version 2.0 CLIENT-HELLO messages will be phased out with all due
>   haste". This document accomplishes this by updating the backward
>   compatibility sections found in TLS [TLS1.0][TLS1.1][TLS1.2].
> 
> Notes
> -----
> The warning on the version 2.0 Client Hello is as old as the first TLS version (RFC 2246 Appendix E). That's what the authors meant and wanted to highlight by listing two of the three RFCs containing this warning. This is confirmed by their last sentence. It looks like a small mistake without concrete effects, I push this errata considering "IESG Processing of RFC Errata for the IETF Stream rule 6"
> 
> Instructions:
> -------------
> This erratum is currently posted as "Reported". If necessary, please
> use "Reply All" to discuss whether it should be verified or
> rejected. When a decision is reached, the verifying party  
> can log in to change the status and edit the report, if necessary. 
> 
> --------------------------------------
> RFC6176 (draft-ietf-tls-ssl2-must-not-04)
> --------------------------------------
> Title               : Prohibiting Secure Sockets Layer (SSL) Version 2.0
> Publication Date    : March 2011
> Author(s)           : S. Turner, T. Polk
> Category            : PROPOSED STANDARD
> Source              : Transport Layer Security
> Area                : Security
> Stream              : IETF
> Verifying Party     : IESG