“Fixed length fields such as found in ECDSA keys should be their natural length and leading zero octets should not be stripped.”
I would consider strengthening this to say MUST/MUST NOT instead of “should” to avoid any ambiguity that there is no allowance for stripping leading zero octets. Thanks, Corey From: Acme <[email protected]> On Behalf Of Richard Barnes Sent: Thursday, July 13, 2023 12:38 PM To: RFC Errata System <[email protected]> Cc: [email protected]; [email protected]; [email protected]; [email protected]; [email protected]; [email protected]; [email protected]; [email protected]; [email protected]; [email protected] Subject: Re: [Acme] [Technical Errata Reported] RFC8555 (7565) This seems correct to me. I would mark it Verified. On Thu, Jul 13, 2023 at 12:19 PM RFC Errata System <[email protected]<mailto:[email protected]>> wrote: The following errata report has been submitted for RFC8555, "Automatic Certificate Management Environment (ACME)". -------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid7565 -------------------------------------- Type: Technical Reported by: Paul Breed <[email protected]<mailto:[email protected]>> Section: 8.1 Original Text ------------- The "Thumbprint" step indicates the computation specified in [RFC7638], using the SHA-256 digest [FIPS180-4]. As noted in [RFC7518] any prepended zero octets in the fields of a JWK object MUST be stripped before doing the computation. Corrected Text -------------- The "Thumbprint" step indicates the computation specified in [RFC7638], using the SHA-256 digest [FIPS180-4]. As noted in [RFC7518] any additional prepended zero octets in the fields of a JWK object MUST be stripped before doing the computation. Fixed length fields such as found in ECDSA keys should be their natural length and leading zero octets should not be stripped. Notes ----- This comment was really aimed at the leading 0 octet sometimes used with RSA, but the comment is not RSA specific. ECDSA keys can have fixed length fields (X,Y) where there can be leading zeros. This led me astray in implementing an ECDSA thumbprint routine for ACME. The result was that 1/128 ECDSA keys failed to generate t humbp[rint as leading zeros were removed. Instructions: ------------- This erratum is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party can log in to change the status and edit the report, if necessary. -------------------------------------- RFC8555 (draft-ietf-acme-acme-18) -------------------------------------- Title : Automatic Certificate Management Environment (ACME) Publication Date : March 2019 Author(s) : R. Barnes, J. Hoffman-Andrews, D. McCarney, J. Kasten Category : PROPOSED STANDARD Source : Automated Certificate Management Environment Area : Security Stream : IETF Verifying Party : IESG
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
