this is a good fix to a true error in this rfc.
RFC Errata System wrote on 2024-06-11 06:00:
The following errata report has been submitted for RFC8945,
"Secret Key Transaction Authentication for DNS (TSIG)".
--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid7983
--------------------------------------
Type: Editorial
Reported by: Terts Diepraam <te...@nlnetlabs.nl>
Section: 5.2
Original Text
-------------
If the TSIG RR cannot be interpreted, the server MUST regard the
message as corrupt and return a FORMERR to the server.
Corrected Text
--------------
If the TSIG RR cannot be interpreted, the server MUST regard the
message as corrupt and return a FORMERR to the client.
Notes
-----
Server send an error to the client, not to itself.
Instructions:
-------------
This erratum is currently posted as "Reported". (If it is spam, it
will be removed shortly by the RFC Production Center.) Please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party
will log in to change the status and edit the report, if necessary.
--------------------------------------
RFC8945 (draft-ietf-dnsop-rfc2845bis-09)
--------------------------------------
Title : Secret Key Transaction Authentication for DNS (TSIG)
Publication Date : November 2020
Author(s) : F. Dupont, S. Morris, P. Vixie, D. Eastlake 3rd, O.
Gudmundsson, B. Wellington
Category : INTERNET STANDARD
Source : Domain Name System Operations
Stream : IETF
Verifying Party : IESG
--
P Vixie
_______________________________________________
DNSOP mailing list -- dnsop@ietf.org
To unsubscribe send an email to dnsop-le...@ietf.org
