RFC Errata
RFC 7929, "DNS-Based Authentication of Named Entities (DANE) Bindings for OpenPGP", August 2016
Source of RFC: dane (sec)See Also: RFC 7929 w/ inline errata
Errata ID: 4768
Status: Verified
Type: Editorial
Publication Format(s) : TEXT
Reported By: James Manger
Date Reported: 2016-08-08
Verifier Name: Stephen Farrell
Date Verified: 2016-08-08
Section 5.3. says:
For example, if the OPENPGPKEY RR query for hugh@example.com (8d57[...]b7._openpgpkey.example.com) yields a CNAME to 8d57[...]b7._openpgpkey.example.net, and an OPENPGPKEY RR for 8d57[...]b7._openpgpkey.example.net exists,
It should say:
For example, if the OPENPGPKEY RR query for hugh@example.com (c93f[...]d6._openpgpkey.example.com) yields a CNAME to c93f[...]d6._openpgpkey.example.net, and an OPENPGPKEY RR for c93f[...]d6._openpgpkey.example.net exists,
Notes:
The example hash 8d57[...]b7 is wrong. It has been calculated with the wrong hash algorithm: SHA-224, instead of SHA-256. The correct hash is c93f[...]d6, which is shown in the example in section 3.