The following errata report has been submitted for RFC9679, "CBOR Object Signing and Encryption (COSE) Key Thumbprint".
-------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid8390 -------------------------------------- Type: Editorial Reported by: Carsten Bormann <[email protected]> Section: 5.4 Original Text ------------- [...] as the "x5t" (X.509 certificate SHA-1 thumbprint) [RFC9360] value defined for X.509 certificate objects does. Corrected Text -------------- [...] as the "x5t" (X.509 certificate thumbprint) [RFC9360] value defined for X.509 certificate objects does. Notes ----- The hash function name "SHA-1" is spurious here. RFC 9360 calls "x5t" a "Hash of an X.509 certificate" or goes into more detail by saying "x5t: This header parameter identifies the end-entity X.509 certificate by a hash value (a thumbprint). ". So calling "x5t" an "X.509 certificate thumbprint" is not wrong. However, there is nothing in RFC 9360 about SHA-1, and SHA-1 is outdated enough that this misreference borders on a technical mistake. Instructions: ------------- This erratum is currently posted as "Reported". (If it is spam, it will be removed shortly by the RFC Production Center.) Please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party will log in to change the status and edit the report, if necessary. -------------------------------------- RFC9679 (draft-ietf-cose-key-thumbprint-06) -------------------------------------- Title : CBOR Object Signing and Encryption (COSE) Key Thumbprint Publication Date : December 2024 Author(s) : K. Isobe, H. Tschofenig, O. Steele Category : PROPOSED STANDARD Source : CBOR Object Signing and Encryption Stream : IETF Verifying Party : IESG _______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
