[TLS] Re: [Technical Errata Reported] RFC8446 (8411)

Thu, 08 May 2025 17:54:57 -0700 

Paul,

You can marked this one as “verified" if you want. I submitted a PR to fix this 
in -rfc8446bis; see:
https://github.com/tlswg/tls13-spec/pull/1380

spt

> On May 8, 2025, at 4:05 AM, RFC Errata System <[email protected]> 
> wrote:
> 
> The following errata report has been submitted for RFC8446,
> "The Transport Layer Security (TLS) Protocol Version 1.3".
> 
> --------------------------------------
> You may review the report below and at:
> https://www.rfc-editor.org/errata/eid8411
> 
> --------------------------------------
> Type: Technical
> Reported by: Albin Johansson <[email protected]>
> 
> Section: 4.2.7
> 
> Original Text
> -------------
> struct {
>    NamedGroup named_group_list<2..2^16-1>;
> } NamedGroupList;
> 
> Corrected Text
> --------------
> struct {
>    NamedGroup named_group_list<2..2^16-2>;
> } NamedGroupList;
> 
> Notes
> -----
> The specified maximum legal length of the named_group_list vector in the 
> NamedGroupList structure is 2^16-1 bytes. This is invalid because NamedGroup 
> is an enum that occupies two bytes, but 2^16-1 is not an exact multiple of 
> the element size (2 bytes), as required in Section 3.4. It appears that the 
> intended upper bound should be 2^16-2 bytes instead.
> 
> Instructions:
> -------------
> This erratum is currently posted as "Reported". (If it is spam, it 
> will be removed shortly by the RFC Production Center.) Please
> use "Reply All" to discuss whether it should be verified or
> rejected. When a decision is reached, the verifying party  
> will log in to change the status and edit the report, if necessary.
> 
> --------------------------------------
> RFC8446 (draft-ietf-tls-tls13-28)
> --------------------------------------
> Title               : The Transport Layer Security (TLS) Protocol Version 1.3
> Publication Date    : August 2018
> Author(s)           : E. Rescorla
> Category            : PROPOSED STANDARD
> Source              : Transport Layer Security
> Stream              : IETF
> Verifying Party     : IESG


_______________________________________________
TLS mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to