The following errata report has been held for document update for RFC2712, "Addition of Kerberos Cipher Suites to Transport Layer Security (TLS)".
-------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid5432 -------------------------------------- Status: Held for Document Update Type: Technical Reported by: Eugene Adell <eugene.ad...@gmail.com> Date Reported: 2018-07-20 Held by: Paul Wouters (IESG) Section: Appendix Original Text ------------- Corrected Text -------------- Appendix RFC 2712 introduces new cipher suites values, starting with the cipher value { 0x00, 0x1E }. This cipher value was earlier known as a Fortezza cipher suite, and this could lead to a conflict. Notes ----- Errata 5409 was rejected and I was suggested to post another one at this place. RFC 2712 (Addition of Kerberos Cipher Suites to Transport Layer Security) in its Draft 01 version introduces new cipher suites values, among them three are colliding with the Fortezza cipher suites. The Draft 02 version partially corrects that, by shifting all of the Kerberos cipher suites values by two. This omission of the third Fortezza cipher suite has never been corrected, and this remains in the same state in the final RFC 2712. As a result, the cipher suite value { 0x00, 0x1E } is now officially known as a Kerberos one. Although not documented themselves by any RFC, the two non conflicting Fortezza cipher suites are mentioned in the same note in the TLS protocol RFC (2246, 4346, 5246). This gives an explanation on how the Kerberos cipher suite values were chosen. -------------------------------------- RFC2712 (draft-ietf-tls-kerb-cipher-suites-04) -------------------------------------- Title : Addition of Kerberos Cipher Suites to Transport Layer Security (TLS) Publication Date : October 1999 Author(s) : A. Medvinsky, M. Hur Category : PROPOSED STANDARD Source : Transport Layer Security Area : Security Stream : IETF Verifying Party : IESG _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
