[xmpp] [Technical Errata Reported] RFC7711 (6338)
RFC Errata System <rfc-editor@rfc-editor.org> Tue, 17 November 2020 09:15 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/xmpp/1bRqzRH-wO1T41TP1aCjEi-CSYQ>

The following errata report has been submitted for RFC7711,
"PKIX over Secure HTTP (POSH)".

--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid6338

--------------------------------------
Type: Technical
Reported by: Bastien Lacoste <b.lacoste@pepta.net>

Section: 6

Original Text
-------------
The POSH client MUST NOT cache results (reference or fingerprints)
indefinitely. If the source domain returns a reference, the POSH
client MUST use the lower of the two "expires" values when determining
how long to cache results (i.e., if the reference "expires" value is
lower than the fingerprints "expires" value, honor the reference
"expires" value). Once the POSH client considers the results stale,
it needs to perform the entire POSH operation again, starting with the
HTTPS GET request to the source domain. The POSH client MAY use a
lower value than any provided in the "expires" member(s), or not cache
results at all.

Corrected Text
--------------
Add the following:

If the source returns an invalid reference, the POSH client SHALL NOT
cache the results (reference or fingerprint) and SHALL perform the
entire POSH operation again whenever performing any further retry.

Notes
-----
If reference is lost (e.g. x509 certificate) and if POSH client does not
refresh fingerprint then it fails until expiration of old
fingerprints... which will prevent the client from accessing a service
because of caching, although references were updated on source domain.

Instructions:
-------------
This erratum is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party
can log in to change the status and edit the report, if necessary.

--------------------------------------
RFC7711 (draft-ietf-xmpp-posh-06)
--------------------------------------
Title               : PKIX over Secure HTTP (POSH)
Publication Date    : November 2015
Author(s)           : M. Miller, P. Saint-Andre
Category            : PROPOSED STANDARD
Source              : Extensible Messaging and Presence Protocol
Area                : Applications and Real-Time
Stream              : IETF
Verifying Party     : IESG
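
The caching rules quoted from Section 6, together with the addition this erratum proposes, sketched as a client-side cache. This is an added example, not part of the original message or of RFC 7711; the names cache_ttl, PoshCache, InvalidReference, CLIENT_MAX_TTL and the fetch callable are hypothetical, and the one-day local cap is an assumption.

```python
import time

CLIENT_MAX_TTL = 24 * 3600  # assumed local cap; Section 6 allows a lower value


class InvalidReference(Exception):
    """Hypothetical error: the reference did not lead to usable fingerprints."""


def cache_ttl(fingerprints_expires, reference_expires=None):
    """Return how many seconds a POSH result may be cached (0 = do not cache)."""
    candidates = [fingerprints_expires, CLIENT_MAX_TTL]
    if reference_expires is not None:
        candidates.append(reference_expires)
    for value in candidates:
        # Assumption: a missing, non-integer or non-positive "expires" is
        # treated as uncacheable rather than as "cache indefinitely".
        if not isinstance(value, int) or isinstance(value, bool) or value <= 0:
            return 0
    # Lower of the reference and fingerprints values, bounded by the local cap.
    return min(candidates)


class PoshCache:
    def __init__(self, fetch, clock=time.time):
        # fetch is a hypothetical callable performing the entire POSH operation:
        # domain -> (fingerprints, fingerprints_expires, reference_expires)
        self._fetch = fetch
        self._clock = clock
        self._entries = {}  # domain -> (fingerprints, stale_at)

    def lookup(self, domain):
        entry = self._entries.get(domain)
        if entry is not None and self._clock() < entry[1]:
            return entry[0]
        # Stale or absent: drop the entry before starting again at the source
        # domain. If fetch raises InvalidReference nothing is stored, so every
        # further retry repeats the whole operation (the proposed addition).
        self._entries.pop(domain, None)
        fingerprints, fp_expires, ref_expires = self._fetch(domain)
        ttl = cache_ttl(fp_expires, ref_expires)
        if ttl:
            self._entries[domain] = (fingerprints, self._clock() + ttl)
        return fingerprints
```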