The following errata report has been submitted for RFC8886, "Secure Device Install".
-------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid6299 -------------------------------------- Type: Technical Reported by: Stéphane Bortzmeyer <bortzmeyer+i...@nic.fr> Section: A.2.2 Original Text ------------- openssl smime -encrypt -aes-256-cbc -in SN19842256.cfg \ -out SN19842256.enc \ -outform PEM SN19842256.crt Corrected Text -------------- No corrected text, I think it requires more changes in the previous command. Notes ----- The command in the RFC fails with: Error creating PKCS#7 structure 140616744621440:error:21082096:PKCS7 routines:PKCS7_RECIP_INFO_set:encryption not supported for this key type:crypto/pkcs7/pk7_lib.c:487: 140616744621440:error:21073078:PKCS7 routines:PKCS7_encrypt:error adding recipient:crypto/pkcs7/pk7_smime.c:458: A rapid glance in some online discussions seem to indicate that you cannot S/MIME encrypt with elliptic curves. With RSA for the key, the command in the RFC works fine. Instructions: ------------- This erratum is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party can log in to change the status and edit the report, if necessary. -------------------------------------- RFC8886 (draft-ietf-opsawg-sdi-13) -------------------------------------- Title : Secure Device Install Publication Date : September 2020 Author(s) : W. Kumari, C. Doyle Category : INFORMATIONAL Source : Operations and Management Area Working Group Area : Operations and Management Stream : IETF Verifying Party : IESG _______________________________________________ OPSAWG mailing list OPSAWG@ietf.org https://www.ietf.org/mailman/listinfo/opsawg