From: RFC Errata System <rfc-editor(_at_)rfc-editor(_dot_)org
<mailto:rfc-editor(_at_)rfc-editor(_dot_)org>>
Subject: [Errata Verified] RFC5652 (6250)
Date: August 7, 2020 at 1:00:34 AM EDT
To: housley(_at_)vigilsec(_dot_)com <mailto:housley(_at_)vigilsec(_dot_)com>,
housley(_at_)vigilsec(_dot_)com <mailto:housley(_at_)vigilsec(_dot_)com>
Cc: kaduk(_at_)mit(_dot_)edu <mailto:kaduk(_at_)mit(_dot_)edu>,
iesg(_at_)ietf(_dot_)org <mailto:iesg(_at_)ietf(_dot_)org>,
smime(_at_)ietf(_dot_)org <mailto:smime(_at_)ietf(_dot_)org>,
rfc-editor(_at_)rfc-editor(_dot_)org
<mailto:rfc-editor(_at_)rfc-editor(_dot_)org>
The following errata report has been verified for RFC5652,
"Cryptographic Message Syntax (CMS)".
--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid6250
<https://www.rfc-editor.org/errata/eid6250>
--------------------------------------
Status: Verified
Type: Technical
Reported by: Russ Housley <housley(_at_)vigilsec(_dot_)com>
Date Reported: 2020-08-06
Verified by: Benjamin Kaduk (IESG)
Section: 9.2
Original Text
-------------
If the authAttrs field is present, the content-type attribute (as
described in Section 11.1) and the message-digest attribute (as
described in Section 11.2) MUST be included, and the input to the MAC
calculation process is the DER encoding of authAttrs. A separate
encoding of the authAttrs field is performed for message digest
calculation. The IMPLICIT [2] tag in the authAttrs field is not used
for the DER encoding, rather an EXPLICIT SET OF tag is used. That
is, the DER encoding of the SET OF tag, rather than of the IMPLICIT
[2] tag, is to be included in the message digest calculation along
with the length and content octets of the authAttrs value.
Corrected Text
--------------
If the authAttrs field is present, the content-type attribute (as
described in Section 11.1) and the message-digest attribute (as
described in Section 11.2) MUST be included, and the input to the MAC
calculation process is the DER encoding of authAttrs. A separate
encoding of the authAttrs field is performed for message digest
calculation. The IMPLICIT [2] tag in the authAttrs field is not used
for the DER encoding, rather an EXPLICIT SET OF tag is used. That
is, the DER encoding of the SET OF tag, rather than of the IMPLICIT
[2] tag, is to be included in the MAC calculation along
with the length and content octets of the authAttrs value.
Notes
-----
The paragraph is talking about the input to a MAC calculation, not the input
to message digest calculation.
--------------------------------------
RFC5652 (draft-ietf-smime-rfc3852bis-00)
--------------------------------------
Title : Cryptographic Message Syntax (CMS)
Publication Date : September 2009
Author(s) : R. Housley
Category : DRAFT STANDARD
Source : S/MIME Mail Security
Area : Security
Stream : IETF
Verifying Party : IESG
_______________________________________________
smime mailing list
smime(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/smime