The following errata report has been verified for RFC7518, "JSON Web Algorithms (JWA)".
-------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid8568 -------------------------------------- Status: Verified Type: Editorial Reported by: Sören Sprößig <[email protected]> Date Reported: 2025-09-08 Verified by: RFC Editor Section: 3.2 Original Text ------------- (This requirement is based on Section 5.3.4 (Security Effect of the HMAC Key) of NIST SP 800-117 [NIST.800-107], which states that the effective security strength is the minimum of the security strength of the key and two times the size of the internal hash value.) Corrected Text -------------- (This requirement is based on Section 5.3.4 (Security Effect of the HMAC Key) of NIST SP 800-107 [NIST.800-107], which states that the effective security strength is the minimum of the security strength of the key and two times the size of the internal hash value.) Notes ----- NIST SP 800-117 was SCAP, 800-107 is the correct one (as linked). -------------------------------------- RFC7518 (draft-ietf-jose-json-web-algorithms-40) -------------------------------------- Title : JSON Web Algorithms (JWA) Publication Date : May 2015 Author(s) : M. Jones Category : PROPOSED STANDARD Source : Javascript Object Signing and Encryption Stream : IETF _______________________________________________ jose mailing list -- [email protected] To unsubscribe send an email to [email protected]
