This errata looks correct to me.
> On Jun 14, 2024, at 10:27, Rebecca VanRheenen <rvanrhee...@amsl.com> wrote: > > [You don't often get email from rvanrhee...@amsl.com. Learn why this is > important at https://aka.ms/LearnAboutSenderIdentification ] > > Hi Paul, > > We are unable to verify this report that the submitter marked as editorial, > so we changed the Type to “Technical”. As Stream Approver, please review and > set the Status and Type accordingly (see the definitions at > https://www.rfc-editor.org/errata-definitions/). > > You may review the report at: > https://www.rfc-editor.org/errata/eid7991 > > Information on how to verify errata reports can be found at: > https://www.rfc-editor.org/how-to-verify/ > > Further information on errata can be found at: > https://www.rfc-editor.org/errata.php > > Thank you. > > RFC Editor/rv > > > >> On Jun 13, 2024, at 10:52 PM, RFC Errata System <rfc-edi...@rfc-editor.org> >> wrote: >> The following errata report has been submitted for RFC5216, >> "The EAP-TLS Authentication Protocol". >> -------------------------------------- >> You may review the report below and at: >> https://www.rfc-editor.org/errata/eid7991 >> -------------------------------------- >> Type: Editorial >> Reported by: E Vashist Kumar <evashi...@gmail.com> >> Section: 2.1.3 page 10 >> Original Text >> ------------- >> Authenticating Peer Authenticator >> ------------------- ------------- >> <- EAP-Request/ >> Identity >> EAP-Response/ >> Identity (MyID) -> >> <- EAP-Request/ >> EAP-Type=EAP-TLS >> (TLS Start) >> EAP-Response/ >> EAP-Type=EAP-TLS >> (TLS client_hello)-> >> <- EAP-Request/ >> EAP-Type=EAP-TLS >> (TLS server_hello, >> TLS certificate, >> [TLS server_key_exchange,] >> TLS certificate_request, >> TLS server_hello_done) >> EAP-Response/ >> EAP-Type=EAP-TLS >> (TLS certificate, >> TLS client_key_exchange, >> TLS certificate_verify, >> TLS change_cipher_spec, >> TLS finished) -> >> <- EAP-Request/ >> EAP-Type=EAP-TLS >> (TLS change_cipher_spec, >> TLS finished) >> EAP-Response/ >> EAP-Type=EAP-TLS -> >> <- EAP-Request >> EAP-Type=EAP-TLS >> (TLS Alert message) >> EAP-Response/ >> EAP-Type=EAP-TLS -> >> <- EAP-Failure >> (User Disconnected) >> Corrected Text >> -------------- >> Authenticating Peer Authenticator >> ------------------- ------------- >> <- EAP-Request/ >> Identity >> EAP-Response/ >> Identity (MyID) -> >> <- EAP-Request/ >> EAP-Type=EAP-TLS >> (TLS Start) >> EAP-Response/ >> EAP-Type=EAP-TLS >> (TLS client_hello)-> >> <- EAP-Request/ >> EAP-Type=EAP-TLS >> (TLS server_hello, >> TLS certificate, >> [TLS server_key_exchange,] >> TLS certificate_request, >> TLS server_hello_done) >> EAP-Response/ >> EAP-Type=EAP-TLS >> (TLS certificate, >> TLS client_key_exchange, >> TLS certificate_verify, >> TLS change_cipher_spec, >> TLS finished) -> >> <- EAP-Request >> EAP-Type=EAP-TLS >> (TLS Alert message) >> EAP-Response/ >> EAP-Type=EAP-TLS -> >> <- EAP-Failure >> (User Disconnected) >> Notes >> ----- >> The message which has to be sent after server fails to authenticate the peer >> is ,TLS alert message, The TLS change cipher spec and the TLS finished >> cannot be sent from the server side if the server fails to authenticate the >> peer. Instead the server has to send TLS alert message after the peer sends >> change cipher spec. >> Instructions: >> ------------- >> This erratum is currently posted as "Reported". (If it is spam, it >> will be removed shortly by the RFC Production Center.) Please >> use "Reply All" to discuss whether it should be verified or >> rejected. When a decision is reached, the verifying party >> will log in to change the status and edit the report, if necessary. >> -------------------------------------- >> RFC5216 (draft-simon-emu-rfc2716bis-13) >> -------------------------------------- >> Title : The EAP-TLS Authentication Protocol >> Publication Date : March 2008 >> Author(s) : D. Simon, B. Aboba, R. Hurst >> Category : PROPOSED STANDARD >> Source : EAP Method Update >> Stream : IETF >> Verifying Party : IESG _______________________________________________ Emu mailing list -- emu@ietf.org To unsubscribe send an email to emu-le...@ietf.org
