[tram] [Errata Held for Document Update] RFC7635 (4826)

RFC Errata System <rfc-editor@rfc-editor.org> Thu, 14 January 2021 14:00 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tram/g5tvSTi18GAW0-OBYZR_MvW4GfQ>

The following errata report has been held for document update 
for RFC7635, "Session Traversal Utilities for NAT (STUN) Extension for Third-Party Authorization". 

--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid4826

--------------------------------------
Status: Held for Document Update
Type: Technical

Reported by: Mihály Mészáros <bakfitty@gmail.com>
Date Reported: 2016-10-10
Held by: Magnus Westerlund (IESG)

Section: 8.

Original Text
-------------
8.  STUN Client Behavior

   o  The client looks for the MESSAGE-INTEGRITY attribute in the
      response.  If MESSAGE-INTEGRITY is absent or the value computed
      for message integrity using mac_key does not match the contents of
      the MESSAGE-INTEGRITY attribute, then the response MUST be
      discarded.

   o  If the access token expires, then the client MUST obtain a new
      token from the authorization server and use it for new STUN
      requests.

Corrected Text
--------------
8.  STUN Client Behavior

   o  The client looks for the MESSAGE-INTEGRITY attribute in the
      response.  If MESSAGE-INTEGRITY is absent or the value computed
      for message integrity using mac_key does not match the contents of
      the MESSAGE-INTEGRITY attribute, then the response MUST be
      discarded.

9.  Application (OAuth Client) Behavior

   o  If the access token expires, then the Application (OAuth client) 
      MUST obtain a new token from the authorization server, and update
      STUN client to use it for new STUN requests.

   o  Application SHOULD pass only a subset of the received OAuth 
      parameters to the STUN client. Only parameters SHOULD be passed 
      that will be really needed and used by the STUN Client. 
      In this way, only the kid, the mac_key, and the access_token
      parameters SHOULD be passed to the STUN client.
      

...
Renumber the sections
...

Notes
-----
1. Remove the access_token renewal function from STUN client behaviour,
and move this function up to the application level.
2. Pass to STUN only that subset of the OAuth parameters that will really be used by the STUN client.

--------------------------------------
RFC7635 (draft-ietf-tram-turn-third-party-authz-16)
--------------------------------------
Title               : Session Traversal Utilities for NAT (STUN) Extension for Third-Party Authorization
Publication Date    : August 2015
Author(s)           : T. Reddy, P. Patil, R. Ravindranath, J. Uberti
Category            : PROPOSED STANDARD
Source              : TURN Revised and Modernized
Area                : Transport
Stream              : IETF
Verifying Party     : IESG
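
The MESSAGE-INTEGRITY check in Section 8 and the parameter subset in the proposed Section 9, as an added example that is not part of the erratum or of RFC 7635. It assumes the HMAC-SHA1 MESSAGE-INTEGRITY framing of RFC 5389 with mac_key used as the raw HMAC key; the function names are hypothetical, and the sample message, key and extra OAuth fields are constructed.

```python
import hashlib, hmac, struct

MESSAGE_INTEGRITY = 0x0008                        # STUN attribute type (RFC 5389)
STUN_PARAMS = ("kid", "mac_key", "access_token")  # subset named in the erratum

def params_for_stun_client(oauth_params):
    """Application (OAuth client) side: pass on only what the STUN client uses."""
    return {name: oauth_params[name] for name in STUN_PARAMS}

def _hmac_over(prefix, mac_key):
    # RFC 5389: the header length field must count the 24-byte MESSAGE-INTEGRITY
    # attribute itself before the HMAC-SHA1 is computed over the preceding bytes.
    adjusted = prefix[:2] + struct.pack("!H", len(prefix) - 20 + 24) + prefix[4:]
    return hmac.new(mac_key, adjusted, hashlib.sha1).digest()

def accept_response(msg, mac_key):
    """True only if MESSAGE-INTEGRITY is present and matches; otherwise discard."""
    if len(msg) < 20 or len(msg) != 20 + struct.unpack("!H", msg[2:4])[0]:
        return False
    off = 20
    while off + 4 <= len(msg):
        atype, alen = struct.unpack("!HH", msg[off:off + 4])
        if atype == MESSAGE_INTEGRITY:
            if alen != 20 or off + 24 > len(msg):
                return False
            return hmac.compare_digest(_hmac_over(msg[:off], mac_key),
                                       msg[off + 4:off + 24])
        off += 4 + ((alen + 3) & ~3)              # attributes are 32-bit aligned
    return False                                  # attribute absent

def sample_response(mac_key, protect=True):
    """Constructed Binding success response carrying one SOFTWARE attribute."""
    attrs = struct.pack("!HH", 0x8022, 4) + b"demo"
    msg = struct.pack("!HHI12s", 0x0101, len(attrs), 0x2112A442, b"constructed!") + attrs
    if protect:
        mac = _hmac_over(msg, mac_key)
        msg += struct.pack("!HH", MESSAGE_INTEGRITY, 20) + mac
        msg = msg[:2] + struct.pack("!H", len(msg) - 20) + msg[4:]
    return msg

if __name__ == "__main__":
    key = b"constructed-mac-key-0123456789ab"     # constructed sample key
    good = sample_response(key)
    tampered = good[:24] + b"DEMO" + good[28:]    # alter the SOFTWARE value
    print(accept_response(good, key), accept_response(tampered, key),
          accept_response(sample_response(key, protect=False), key))
```

The comparison uses hmac.compare_digest so that the match check does not leak timing information about the expected MAC.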