The following errata report has been submitted for RFC9149, "TLS Ticket Requests"
-------------------------------------- You may review the report below and at: https://errata.rfc-editor.org/eid8996/ -------------------------------------- Type: Technical Reported by: Daniel McCarney <[email protected]> Section 3 says: Original Text ------------- Servers MUST NOT send the "ticket_request" extension in any handshake message, including ServerHello or HelloRetryRequest messages. A client MUST abort the connection with an "illegal_parameter" alert if the "ticket_request" extension is present in any server handshake message. Corrected Text -------------- Servers MUST NOT send the "ticket_request" extension in any handshake message, including ServerHello or HelloRetryRequest messages. A client MUST abort the connection with an "unsupported_extension" alert if the "ticket_request" extension is present in any server handshake message. Notes ----- RFC 8446 defines the illegal_parameter alert as used when "A field in the handshake was incorrect or inconsistent with other fields. This alert is used for errors which conform to the formal protocol syntax but are otherwise incorrect.", and the unsupported_extension alert as "Sent by endpoints receiving any handshake message containing an extension known to be prohibited for inclusion in the given handshake message, or including any extensions in a ServerHello or Certificate not first offered in the corresponding ClientHello or CertificateRequest.". The unsupported_extension alert seems like a direct mapping to the condition described in Section 3 of RFC 9149: the client endpoint received a handshake message containing an extension that's known to be prohibited for inclusion in the given handshake message. In contrast it's harder to draw a straight-line justification for using illegal_parameter. Instructions: ------------- This erratum is currently posted as "Reported". Please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party will log in to change the status and edit the report, if necessary. -------------------------------------- RFC9149 (draft-ietf-tls-ticketrequests) -------------------------------------- Title : TLS Ticket Requests Publication Date : April 2022 Author(s) : T. Pauly, D. Schinazi, C.A. Wood Category : Proposed Standard Source : tls (sec) Stream : IETF Verifying Party : IESG _______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
