Hi, I find the reported errata reasonable. On Sun, Jan 17, 2016 at 7:53 PM, Rick van Rein <r...@openfortress.nl> wrote: > Hello, > > Could I bring this erratum reported in November to your attention once > more? I think it calls for correction. > > Thanks, > -Rick >> RFC Errata System <mailto:rfc-edi...@rfc-editor.org> >> 30 November 2015 at 17:02 >> The following errata report has been submitted for RFC5054, >> "Using the Secure Remote Password (SRP) Protocol for TLS Authentication". >> >> -------------------------------------- >> You may review the report below and at: >> http://www.rfc-editor.org/errata_search.php?rfc=5054&eid=4546 >> >> -------------------------------------- >> Type: Technical >> Reported by: Rick van Rein <r...@openfortress.nl> >> >> Section: 2.6 >> >> Original Text >> ------------- >> B = k*v + g^b % N >> >> Corrected Text >> -------------- >> B = ( k*v + g^b ) % N >> >> Notes >> ----- >> The customary binding is that + has lower priority than % and so the >> default reading of the expression would be >> B = k*v + ( g^b % N ) >> That is inconsistent with the existence of PAD(B) and the size of B in >> the test vectors, so the context hints at proper brackets, but this >> may still lead to implementation errors (of which I actually ran into >> an example). >> >> Instructions: >> ------------- >> This erratum is currently posted as "Reported". If necessary, please >> use "Reply All" to discuss whether it should be verified or >> rejected. When a decision is reached, the verifying party (IESG) >> can log in to change the status and edit the report, if necessary. >> >> -------------------------------------- >> RFC5054 (draft-ietf-tls-srp-14) >> -------------------------------------- >> Title : Using the Secure Remote Password (SRP) Protocol for TLS >> Authentication >> Publication Date : November 2007 >> Author(s) : D. Taylor, T. Wu, N. Mavrogiannopoulos, T. Perrin >> Category : INFORMATIONAL >> Source : Transport Layer Security >> Area : Security >> Stream : IETF >> Verifying Party : IESG >>
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
