- From: RFC Errata System <rfc-editor@rfc-editor.org>
- Date: Thu, 30 Oct 2025 13:20:53 -0700 (PDT)
- To: martin.thomson@gmail.com, httpbis-ads@ietf.org, mnot@mnot.net, tpauly@apple.com
- Cc: patrick@psbarrett.com, ietf-http-wg@w3.org, rfc-editor@rfc-editor.org
The following errata report has been submitted for RFC8188, "Encrypted Content-Encoding for HTTP". -------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid8620 -------------------------------------- Type: Technical Reported by: Patrick Barrett <patrick@psbarrett.com> Section: 3.1 Original Text ------------- The encrypted data in this example is the UTF-8-encoded string "I am the walrus". The input-keying material is the value "yqdlZ- tYemfogSmv7Ws5PQ" (in base64url). The 54-octet content body contains a single record and is shown here using 71 base64url characters for presentation reasons. HTTP/1.1 200 OK Content-Type: application/octet-stream Content-Length: 54 Content-Encoding: aes128gcm I1BsxtFttlv3u_Oo94xnmwAAEAAA-NAVub2qFgBEuQKRapoZu-IxkIva3MEB1PD- ly8Thjg Corrected Text -------------- The encrypted data in this example is the UTF-8-encoded string "I am the walrus". The input-keying material is the value "yqdlZ- tYemfogSmv7Ws5PQ" (in base64url). The 54-octet content body contains a single record and is shown here using 72 base64url characters for presentation reasons. HTTP/1.1 200 OK Content-Type: application/octet-stream Content-Length: 54 Content-Encoding: aes128gcm I1BsxtFttlv3u_Oo94xnmwAAEAAA-NAVub2qFgBEuQKRapoZu_ul1ATXXzhZ8IY 2l5S6w8cG Notes ----- The example is missing the padding delimiter octet. The paragraph directly above this explicitly says it should have it. > [...] This uses a > record size of 4096 octets and no padding (just the single-octet > padding delimiter), so only a partial record is present. Also, without that the delimiter, the body is only 53 octets, not the 54 the description says it should be. Instructions: ------------- This erratum is currently posted as "Reported". (If it is spam, it will be removed shortly by the RFC Production Center.) Please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party will log in to change the status and edit the report, if necessary. -------------------------------------- RFC8188 (draft-ietf-httpbis-encryption-encoding-09) -------------------------------------- Title : Encrypted Content-Encoding for HTTP Publication Date : June 2017 Author(s) : M. Thomson Category : PROPOSED STANDARD Source : HTTP Stream : IETF Verifying Party : IESG
Received on Thursday, 30 October 2025 20:20:58 UTC