Hi, Speaking to Warren offline, he suggests (as an author) that this errata should be verified.
Please let me know this week if anyone feels differently, otherwise I'll verify this at the end of the week. Thanks, Rob > -----Original Message----- > From: RFC Errata System <[email protected]> > Sent: 05 October 2020 20:25 > To: [email protected]; [email protected]; [email protected]; Rob Wilton > (rwilton) <[email protected]>; [email protected]; Joe Clarke > (jclarke) <[email protected]>; [email protected] > Cc: [email protected]; [email protected]; [email protected] > Subject: [Technical Errata Reported] RFC8886 (6299) > > The following errata report has been submitted for RFC8886, > "Secure Device Install". > > -------------------------------------- > You may review the report below and at: > https://www.rfc-editor.org/errata/eid6299 > > -------------------------------------- > Type: Technical > Reported by: Stéphane Bortzmeyer <[email protected]> > > Section: A.2.2 > > Original Text > ------------- > openssl smime -encrypt -aes-256-cbc -in SN19842256.cfg \ > -out SN19842256.enc \ > -outform PEM SN19842256.crt > > Corrected Text > -------------- > No corrected text, I think it requires more changes in the previous > command. > > > Notes > ----- > The command in the RFC fails with: > > Error creating PKCS#7 structure > 140616744621440:error:21082096:PKCS7 > routines:PKCS7_RECIP_INFO_set:encryption not supported for this key > type:crypto/pkcs7/pk7_lib.c:487: > 140616744621440:error:21073078:PKCS7 routines:PKCS7_encrypt:error adding > recipient:crypto/pkcs7/pk7_smime.c:458: > > A rapid glance in some online discussions seem to indicate that you cannot > S/MIME encrypt with elliptic curves. > > With RSA for the key, the command in the RFC works fine. > > Instructions: > ------------- > This erratum is currently posted as "Reported". If necessary, please > use "Reply All" to discuss whether it should be verified or > rejected. When a decision is reached, the verifying party > can log in to change the status and edit the report, if necessary. > > -------------------------------------- > RFC8886 (draft-ietf-opsawg-sdi-13) > -------------------------------------- > Title : Secure Device Install > Publication Date : September 2020 > Author(s) : W. Kumari, C. Doyle > Category : INFORMATIONAL > Source : Operations and Management Area Working Group > Area : Operations and Management > Stream : IETF > Verifying Party : IESG _______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
