| CARVIEW |
Search RFCs
The Series
For Authors
Sponsor
RFC Errata
Found 2 records.
Status: Verified (1)
RFC 6242, "Using the NETCONF Protocol over Secure Shell (SSH)", June 2011
Source of RFC: netconf (ops)
Errata ID: 8569
Status: Verified
Type: Editorial
Publication Format(s) : TEXT
Reported By: Ahmed Elhassany
Date Reported: 2025-09-11
Verifier Name: Mahesh Jethanandani
Date Verified: 2025-09-14
Section 3.1 says:
S: <?xml version="1.0" encoding="UTF-8"?> S: <hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> S: <capabilities> S: <capability> S: urn:ietf:params:netconf:base:1.1 S: </capability> S: <capability> S: urn:ietf:params:ns:netconf:capability:startup:1.0 S: </capability> S: </capabilities> S: <session-id>4</session-id> S: </hello> S: ]]>]]>
It should say:
S: <?xml version="1.0" encoding="UTF-8"?> S: <hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> S: <capabilities> S: <capability> S: urn:ietf:params:netconf:base:1.1 S: </capability> S: <capability> S: urn:ietf:params:netconf:capability:startup:1.0 S: </capability> S: </capabilities> S: <session-id>4</session-id> S: </hello> S: ]]>]]>
Notes:
Correct the startup capability in accordance with the URN defined in RFC 6241 Section 10.4 and registered in IANA.
Status: Rejected (1)
RFC 6242, "Using the NETCONF Protocol over Secure Shell (SSH)", June 2011
Source of RFC: netconf (ops)
Errata ID: 5305
Status: Rejected
Type: Technical
Publication Format(s) : TEXT
Reported By: HengyingFan
Date Reported: 2018-03-26
Rejected by: Ignas Bagdonas
Date Rejected: 2018-03-27
Section 6 says:
This document also recommends that SSH servers be configurable to allow access to the "netconf" SSH subsystem over other ports. Use of that configuration option without corresponding changes to firewall or network device configuration may unintentionally result in the ability for nodes outside of the firewall or other administrative boundaries to gain access to the "netconf" SSH subsystem.
It should say:
This document also recommends that SSH servers be configurable to allow access to the "netconf" SSH subsystem over other ports. Use of that configuration option without corresponding changes to firewall or network device configuration may unintentionally result in the inability for nodes outside of the firewall or other administrative boundaries to gain access to the "netconf" SSH subsystem.
Notes:
ability -> inability
--VERIFIER NOTES--
It was discussed among reporter, document authors, and WG members and the conclusion was that the original text in the document is technically correct.
Email discussion:
https://mailarchive.ietf.org/arch/msg/netconf/xMBJjW9Sn5xzXZYhwVbRM0Im1fg
IAB • IANA • IETF • IRTF • ISE • ISOC • IETF Trust
Reports • Privacy Statement • Site Map • Contact Us