I could maybe see making this Hold For Document Update, as it would
probably require some discussion, and it's hard to say that this was an
omission at the time of original publication.
-Ben

On Thu, Jan 02, 2020 at 12:42:20PM -0800, RFC Errata System wrote:
The following errata report has been submitted for RFC2631,
"Diffie-Hellman Key Agreement Method".
--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid5954
--------------------------------------
Type: Technical
Reported by: Paul Janson <silversplash(_at_)gmx(_dot_)com>
Section: 2.1.5.
Original Text
-------------
1. Verify that y lies within the interval [2,p-1]. If it does not,
the key is invalid.
2. Compute y^q mod p. If the result == 1, the key is valid.
Otherwise the key is invalid.
Corrected Text
--------------
1. Verify that y lies within the interval [2,p-1]. If it does not,
the key is invalid.
2. Compute y^q mod p. If the result == 1, the key is valid.
Otherwise the key is invalid.
| 3. Verify that y does not match g.
Notes
-----
Validating that (g == received y) needs to be an additional exclusion to the
valid range [2,p-1]. If party 'a' accepts received public key 'yb' matching
'g', then ZZ matches public key 'ya'. i.e. if yb = 2, then xb = 1, therefore
ZZ = ya^1 = ya
Instructions:
-------------
This erratum is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party
can log in to change the status and edit the report, if necessary.
--------------------------------------
RFC2631 (draft-ietf-smime-x942-07)
--------------------------------------
Title : Diffie-Hellman Key Agreement Method
Publication Date : June 1999
Author(s) : E. Rescorla
Category : PROPOSED STANDARD
Source : S/MIME Mail Security
Area : Security
Stream : IETF
Verifying Party : IESG
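
The case described in the report's Notes, as an added example that is not part of the original thread or of RFC 2631: the two published validation steps from section 2.1.5 accept y == g, and the resulting ZZ equals the other party's public key. The toy parameters (p = 23, q = 11, g = 2), the private key values and all function names are assumptions constructed for illustration.

```python
# Toy domain parameters, constructed for illustration only (far too small
# for real use): p = 2q + 1 with q prime, g generates the order-q subgroup.
P, Q, G = 23, 11, 2


def validate_rfc2631(y, p=P, q=Q):
    """Public key validation as published in RFC 2631 section 2.1.5."""
    # Step 1: y must lie within the interval [2, p-1].
    if not 2 <= y <= p - 1:
        return False
    # Step 2: y^q mod p must equal 1 (y is in the order-q subgroup).
    return pow(y, q, p) == 1


def validate_with_step3(y, p=P, q=Q, g=G):
    """Steps 1-2 plus the step 3 proposed in erratum 5954: y must not match g."""
    return validate_rfc2631(y, p, q) and y != g


def shared_zz(peer_y, own_x, p=P):
    """ZZ = (peer public key) ^ (own private key) mod p."""
    return pow(peer_y, own_x, p)


def demo():
    xa = 7                      # party a's private key (constructed)
    ya = pow(G, xa, P)          # party a's public key
    yb = G                      # received public key matching g, i.e. xb = 1
    return {
        "ya": ya,
        "published_accepts_g": validate_rfc2631(yb),
        "step3_accepts_g": validate_with_step3(yb),
        "zz": shared_zz(yb, xa),
        # A key from a private value other than 1 passes both variants.
        "other_key_accepted": validate_with_step3(pow(G, 5, P)),
        # y = p-1 is inside [2, p-1] but fails step 2 for this group.
        "p_minus_1_accepted": validate_rfc2631(P - 1),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```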