[TLS] [Errata Held for Document Update] RFC8446 (6820)

Fri, 05 Apr 2024 05:47:39 -0700 

The following errata report has been held for document update 
for RFC8446, "The Transport Layer Security (TLS) Protocol Version 1.3". 

--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid6820

--------------------------------------
Status: Held for Document Update
Type: Technical

Reported by: Leander Schwarz <lschw...@mozilla.com>
Date Reported: 2022-01-21
Held by: Paul Wouters (IESG)

Section: 6.2

Original Text
-------------
unsupported_extension:  Sent by endpoints receiving any handshake
      message containing an extension known to be prohibited for
      inclusion in the given handshake message, or including any
      extensions in a ServerHello or Certificate not first offered in
      the corresponding ClientHello or CertificateRequest. 

Corrected Text
--------------
unsupported_extension:  Sent by endpoints receiving any handshake
      message containing an extension in a ServerHello or Certificate
      not first offered in the corresponding ClientHello or 
      CertificateRequest.

Notes
-----
The definition of the unsupported_extension alert in section 6.2 contradicts 
the statements in section 4.2:

        If an implementation receives an extension
        which it recognizes and which is not specified for the message in
        which it appears, it MUST abort the handshake with an
   "illegal_parameter" alert.

While this might not be inconsistent due to the "abort the handshake with an X 
alert" specification at the beginning of section 6.2, it might lead to 
confusion. (see 
https://mailarchive.ietf.org/arch/msg/tls/hGOGWZRMg718mWqOZ06LwjV9360/).

Paul Wouters(AD): Currently discussed at:

https://github.com/tlswg/tls13-spec/issues/1352
https://github.com/tlswg/tls13-spec/pull/1353

--------------------------------------
RFC8446 (draft-ietf-tls-tls13-28)
--------------------------------------
Title               : The Transport Layer Security (TLS) Protocol Version 1.3
Publication Date    : August 2018
Author(s)           : E. Rescorla
Category            : PROPOSED STANDARD
Source              : Transport Layer Security
Stream              : IETF
Verifying Party     : IESG

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

Reply via email to