Dear researchers, operators and developers,
Recently two attack vectors exploiting vulnerabilities in DNSSEC to launch
Denial of Service (DoS) against DNS resolvers were publicly disclosed:
KeyTrap and NSEC3-encloser attack. Both issues were assigned a CVE ID by
MITRE: KeyTrap CVE-2023-50387 and
The following errata report has been submitted for RFC9460,
"Service Binding and Parameter Specification via the DNS (SVCB and HTTPS
Resource Records)".
--
You may review the report below and at:
https://www.rfc-editor.org/errata/eid7871
--
\DDD escaping in RFC 1035 is decimal, not octal [1].
--Ben
P.S. I agree that this is unusual and surprising.
[1]
https://datatracker.ietf.org/doc/html/rfc1035#:~:text=%5CDDD%20%20%20%20%20%20%20%20%20%20%20%20where%20each%20D%20is%20a%20digit%20is%20the%20octet%20corresponding%20to%0A%20%20%20%
Hi Warren,
We are unable to verify this erratum that the submitter marked as editorial, so
we changed the Type to “Technical”. As Stream Approver, please review and set
the Status and Type accordingly (see the definitions at
https://www.rfc-editor.org/errata-definitions/).
You may review the r
