The following errata report has been submitted for RFC9149,
"TLS Ticket Requests"

--------------------------------------
You may review the report below and at:
https://errata.rfc-editor.org/eid8996/

--------------------------------------
Type: Technical
Reported by: Daniel McCarney <[email protected]>

Section 3 says:

Original Text
-------------
Servers MUST NOT send the "ticket_request" extension in any handshake message, 
including ServerHello or HelloRetryRequest messages. A client MUST abort the 
connection with an "illegal_parameter" alert if the "ticket_request" extension 
is present in any server handshake message.

Corrected Text
--------------
Servers MUST NOT send the "ticket_request" extension in any handshake message, 
including ServerHello or HelloRetryRequest messages. A client MUST abort the 
connection with an "unsupported_extension" alert if the "ticket_request" 
extension is present in any server handshake message.

Notes
-----
RFC 8446 defines the illegal_parameter alert as used when "A field in the 
handshake was incorrect or inconsistent with other fields.  This alert is used 
for errors which conform to the formal protocol syntax but are otherwise 
incorrect.", and the unsupported_extension alert as "Sent by endpoints 
receiving any handshake message containing an extension known to be prohibited 
for inclusion in the given handshake message, or including any extensions in a 
ServerHello or Certificate not first offered in the corresponding ClientHello 
or CertificateRequest.". 

The unsupported_extension alert seems like a direct mapping to the condition 
described in Section 3 of RFC 9149: the client endpoint received a handshake 
message containing an extension that's known to be prohibited for inclusion in 
the given handshake message. In contrast it's harder to draw a straight-line 
justification for using illegal_parameter.

Instructions:
-------------
This erratum is currently posted as "Reported". Please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party  
will log in to change the status and edit the report, if necessary.

--------------------------------------
RFC9149 (draft-ietf-tls-ticketrequests)
--------------------------------------
Title               : TLS Ticket Requests
Publication Date    : April 2022
Author(s)           : T. Pauly, D. Schinazi, C.A. Wood
Category            : Proposed Standard
Source              : tls (sec)
Stream              : IETF
Verifying Party     : IESG

_______________________________________________
TLS mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to