Re: [TLS] [Editorial Errata Reported] RFC5246 (2165)

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 19 April 2010 22:53 UTC

Return-Path: <dkg@fifthhorseman.net>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3DA0E3A6903 for <tls@core3.amsl.com>; Mon, 19 Apr 2010 15:53:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level:
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VVH6L46xEIYq for <tls@core3.amsl.com>; Mon, 19 Apr 2010 15:53:45 -0700 (PDT)
Received: from relay01.pair.com (relay01.pair.com [209.68.5.15]) by core3.amsl.com (Postfix) with SMTP id 39C443A68D7 for <tls@ietf.org>; Mon, 19 Apr 2010 15:53:45 -0700 (PDT)
Received: (qmail 89292 invoked from network); 19 Apr 2010 22:53:35 -0000
Received: from 216.254.70.154 (HELO ?192.168.23.207?) (216.254.70.154) by relay01.pair.com with SMTP; 19 Apr 2010 22:53:35 -0000
X-pair-Authenticated: 216.254.70.154
Message-ID: <4BCCDEE7.1020802@fifthhorseman.net>
Date: Mon, 19 Apr 2010 18:53:27 -0400
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.9) Gecko/20100411 Icedove/3.0.4
MIME-Version: 1.0
To: RFC Errata System <rfc-editor@rfc-editor.org>
References: <20100419214654.0219613000D@rfc-editor.org>
In-Reply-To: <20100419214654.0219613000D@rfc-editor.org>
X-Enigmail-Version: 1.0.1
OpenPGP: id=D21739E9; url=http://fifthhorseman.net/dkg.gpg
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig3B80E274BF282FB1FB967E55"
Cc: ekr@rtfm.com, tim.polk@nist.gov, nmalykh@protocols.ru, tls@ietf.org
Subject: Re: [TLS] [Editorial Errata Reported] RFC5246 (2165)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Apr 2010 22:53:46 -0000

On 04/19/2010 05:46 PM, RFC Errata System wrote:
> 
> The following errata report has been submitted for RFC5246,
> "The Transport Layer Security (TLS) Protocol Version 1.2".
> 
> --------------------------------------
> You may review the report below and at:
> http://www.rfc-editor.org/errata_search.php?rfc=5246&eid=2165
> 
> --------------------------------------
> Type: Editorial
> Reported by: Nikolai Malykh <nmalykh@protocols.ru>;
> 
> Section: 6.2.3.2
> 
> Original Text
> -------------
>    Example: If the block length is 8 bytes, the content length
>    (TLSCompressed.length) is 61 bytes, and the MAC length is 20 bytes,
>    then the length before padding is 82 bytes (this does not include the
> 
> 
> 
> Dierks & Rescorla           Standards Track                    [Page 23]
> 
> RFC 5246                          TLS                        August 2008
> 
> 
>    IV.  Thus, the padding length modulo 8 must be equal to 6 in order to
>    make the total length an even multiple of 8 bytes (the block length).
>    The padding length can be 6, 14, 22, and so on, through 254.  If the
>    padding length were the minimum necessary, 6, the padding would be 6
>    bytes, each containing the value 6.  Thus, the last 8 octets of the
>    GenericBlockCipher before block encryption would be xx 06 06 06 06 06
>    06 06, where xx is the last octet of the MAC.
> 
> 
> Corrected Text
> --------------
>    Example: If the block length is 8 bytes, the content length
>    (TLSCompressed.length) is 61 bytes, and the MAC length is 20 bytes,
>    then the length before padding is 82 bytes (this does not include the
> 
> 
> 
> Dierks & Rescorla           Standards Track                    [Page 23]
> 
> RFC 5246                          TLS                        August 2008
> 
> 
>    IV).  Thus, the padding length modulo 8 must be equal to 6 in order to
>    make the total length an even multiple of 8 bytes (the block length).
>    The padding length can be 6, 14, 22, and so on, through 254.  If the
>    padding length were the minimum necessary, 6, the padding would be 6
>    bytes, each containing the value 6.  Thus, the last 8 octets of the
>    GenericBlockCipher before block encryption would be xx 06 06 06 06 06
>    06 06, where xx is the last octet of the MAC.


The only change i see here is closing the lingering parenthesis after
"IV", immediately following the page break.  I believe this is a valid
(though inconsequential) correction.

	--dkg