Any volunteers to confirm this errata and check the entire RFC for similar errors ? :)
Paul > On Jun 11, 2024, at 12:26 AM, RFC Errata System <rfc-edi...@rfc-editor.org> wrote: > > The following errata report has been submitted for RFC8392, > "CBOR Web Token (CWT)". > > -------------------------------------- > You may review the report below and at: > https://www.rfc-editor.org/errata/eid7982 > > -------------------------------------- > Type: Editorial > Reported by: Christian Amsüss <christ...@amsuess.com> > > Section: A.2.2 > > Original Text > ------------- > / kid / 4: h'53796d6d6574726963323536' / 'Symmetric256' /, > > Corrected Text > -------------- > / kid / 2: h'53796d6d6574726963323536' / 'Symmetric256' /, > > Notes > ----- > The hex above the diagnostic notation encodes for index 2 before the 'Symmetric256' value. The use of CBOR value 2 to mean "kid" is also consistent with the examples around it. > > As this is a mix-up between the "kid" key from COSE Key Common Parameters and COSE Header parameters, a check through the whole document for whether the right numeric values are used might be due. The use of 2 here and 4 in A.3 and A.4 seems right to me -- but I keep mixing those up myself, which was why I was looking into this example in the first place. > > Instructions: > ------------- > This erratum is currently posted as "Reported". (If it is spam, it > will be removed shortly by the RFC Production Center.) Please > use "Reply All" to discuss whether it should be verified or > rejected. When a decision is reached, the verifying party > will log in to change the status and edit the report, if necessary. > > -------------------------------------- > RFC8392 (draft-ietf-ace-cbor-web-token-15) > -------------------------------------- > Title : CBOR Web Token (CWT) > Publication Date : May 2018 > Author(s) : M. Jones, E. Wahlstroem, S. Erdtman, H. Tschofenig > Category : PROPOSED STANDARD > Source : Authentication and Authorization for Constrained Environments > Stream : IETF > Verifying Party : IESG >
_______________________________________________ Ace mailing list -- ace@ietf.org To unsubscribe send an email to ace-le...@ietf.org
