[TLS] [Errata Verified] RFC5054 (4546)
RFC Errata System <rfc-editor@rfc-editor.org> Tue, 16 January 2024 02:23 UTC
Return-Path: <wwwrun@rfcpa.amsl.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B87BDC14F69C; Mon, 15 Jan 2024 18:23:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.658
X-Spam-Level:
X-Spam-Status: No, score=-1.658 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.249, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ni8fWNr-QePB; Mon, 15 Jan 2024 18:23:24 -0800 (PST)
Received: from rfcpa.amsl.com (rfcpa.amsl.com [50.223.129.200]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 395ADC14F69D; Mon, 15 Jan 2024 18:23:24 -0800 (PST)
Received: by rfcpa.amsl.com (Postfix, from userid 499) id 018121A49952; Mon, 15 Jan 2024 18:23:23 -0800 (PST)
To: rick@openfortress.nl, dtaylor@gnutls.org, thomwu@cisco.com, nmav@gnutls.org, trevp@trevp.net
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: paul.wouters@aiven.io, iesg@ietf.org, tls@ietf.org, iana@iana.org, rfc-editor@rfc-editor.org
Content-Type: text/plain; charset="UTF-8"
Message-Id: <20240116022324.018121A49952@rfcpa.amsl.com>
Date: Mon, 15 Jan 2024 18:23:23 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/uH5pnOZG3_C23WMqdlLosWzvraA>
Subject: [TLS] [Errata Verified] RFC5054 (4546)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Jan 2024 02:23:28 -0000
The following errata report has been verified for RFC5054, "Using the Secure Remote Password (SRP) Protocol for TLS Authentication". -------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid4546 -------------------------------------- Status: Verified Type: Technical Reported by: Rick van Rein <rick@openfortress.nl> Date Reported: 2015-11-30 Verified by: Paul Wouters (IESG) Section: 2.6 Original Text ------------- B = k*v + g^b % N Corrected Text -------------- B = ( k*v + g^b ) % N Notes ----- The customary binding is that + has lower priority than % and so the default reading of the expression would be B = k*v + ( g^b % N ) That is inconsistent with the existence of PAD(B) and the size of B in the test vectors, so the context hints at proper brackets, but this may still lead to implementation errors (of which I actually ran into an example). Paul Wouters (AD): This errata is correct, but note that this RFC is applicable only for TLS < 1.3. For TLS 1.3, one needs to use a PAKE as replacement, such as those defined in RFC8492. As such, this errata is left as Verified as there won't be a document update for this document. -------------------------------------- RFC5054 (draft-ietf-tls-srp-14) -------------------------------------- Title : Using the Secure Remote Password (SRP) Protocol for TLS Authentication Publication Date : November 2007 Author(s) : D. Taylor, T. Wu, N. Mavrogiannopoulos, T. Perrin Category : INFORMATIONAL Source : Transport Layer Security Area : Security Stream : IETF Verifying Party : IESG
- [TLS] [Errata Verified] RFC5054 (4546) RFC Errata System