X.500 Standard status
(Implementors' Guide)

X.509 Related activities

How to be involved

More Information

Tutorial section 1
X.500 General

Tutorial section 2
X.509 specific

Other PKI organizations

edit SideBar

Search

Defect Reports

This defect register contains a list of Defect Reports (DRs).

To submit a new Defect Report please click here.

Defects Reports are in theory handled by a Defect Report editing group with country representation. However, resolution of Defect Reports is mainly done on our mailing list and/or at meetings. When there appears to be some agreement on the resolution, the result may either be:

  • The Defect Report is rejected, as there is a reasonable consensus that the Defect Report does not identify a defect.
  • The defect is rejected, as it asks for an extension rather than identifying a defect.
  • The Defect Report is accepted and its resolution is, possibly in a modified form, included in one or more Draft Technical Corrigenda (DTCs).

A DTC is related to a particular edition and part of the X.500 standards. As a DR may affect up to two editions and several parts, the same DR may be reflected in several DTCs.

A DTC may include the result from several DRs.

When a DTC has been completed, it sent to the ISO/IEC JTC1/SC6 for a 3 month ballot among members (National Bodies). If the text is approved, the Draft Technical Corrigenda is turned into a final (Technical) Corrigendum (abbreviated to Cor.). Several DTCs may be included in a single Cor.

The table below gives a list of DRs. If a DR has been resolved and a suggested text has been created, links are given to the resulting DTCs or Cors. When the DTC has successfully passed the ballot, these links are changed to the resulting Cors.

The notation for a link consists of three fields separated by hyphens. The first field indicates the part of the standard affected by the DTC or Cor. The second field indicates the edition of that part and the third field indicates whether it is DTC or Cor and its number.

For a RSS Feed of changes made to this page, click here.

DR

Description of Defect

Source

Cor(s)/DTC(s)

Status

425

Private key usage period extension clarification

Erik
8 May 16

-

Open for discussion

424

Subject CA and intermediate CA definitions

Erik
5 May 16

-

Open for discussion

423

SOA identifier extension clarification

Erik
4 May 16

-

Open for discussion

422

Requirement on name uniqueness

Erik
1 Feb. 16

-

Open for discussion

421

Clarification of relationship between CAs and AAs

Erik
1 Feb. 16

-

Open for discussion

420

Multiple terms for delegation path

Erik
2 Dec. 15

X509-Ed7-Cor2

Resolved

419

Certificate validation clarification

Erik
25 Nov. 15

X509-Ed7-Cor2

Resolved

418

Confusing about end entity concept

Erik
25 Nov. 15

X509-Ed7-Cor2

Resolved

417

Basic constraints extension clarification

Erik
25 Nov. 15

X509-Ed7-Cor2

Resolved

416

Subject directory attributes extension clarification

Erik
16 Nov. 15

X509-Ed7-Cor2

Resolved

415

AA certificate definition

Erik
16 Nov. 15

X509-Ed7-Cor2

Resolved

414

X.509 entity concept

Erik
16 Nov. 15

X509-Ed7-Cor2

Resolved

413

Indirect CRLs

Erik
19 Nov. 15

X509-Ed7-Cor2

Resolved

412

Irrelevant and erroneous requirement

Erik
13 Nov. 15

X509-Ed7-Cor2

Resolved

411

Unclear text in certificate list exact match

Erik
26 Oct. 15

X509-Ed7-Cor2

Resolved

410

Definition of privilege holder

Erik
22 Oct. 15

X509-Ed7-Cor2

Resolved

409

Redefinition of attribute authority

Erik
15 July 15

X509-Ed7-Cor2

Resolved

408

End entity, end-entity public-key certificate and end-entity attribute certificate definitions

Erik
15 July 15

X509-Ed7-Cor2

Resolved

407

Insufficient digital signature explanation

Erik
05 July 15

X509-Ed7-Cor2

Resolved

406

Weak algorithm and/or key as a revocation reason

Erik
02 Mar 15

X509-Ed7-Cor2

Resolved

405

Stray ASN.1 in X.509

Erik
01 Jan 15

X509-Ed7-Cor1

Resolved

404

Definition of Registration Authority

Erik
20 Dec 14

X509-Ed7-Cor1

Resolved

403

DER encoding of certificates

Erik
18 Aug 14

X509-Ed7-Cor1

Resolved

402

An issue with authority key identifier extension

Erik
17 June 14

X509-Ed7-Cor1

Resolved

401

Ambiguity in ALGORITHM information object class

Erik
8 June 14

X509-Ed7-Cor1

Resolved

400

IPv6 address in General Name

Erik
2 May 14

X509-Ed7-Cor1

Resolved

399

Updates to Annex C of Rec. ITU-T X.509 | ISO/IEC 9594-8

Erik
30 April 14

X509-Ed7-Cor1

Resolved

398

Problem with the issuing distribution point extension

Erik
26 April 14

X509-Ed7-Cor1

Resolved

397

Unclear specification of the version component of certificate list

Erik
21 April 14

X509-Ed7-Cor1

Resolved

396

Wrong URN examples in Annex F of X.520

Erik
26 March 14

X520-Ed7-Cor1

Resolved

395

DNS attribute type and dnsName in subject alternate name extension

Erik
16 March 14

X520-Ed7-Cor1

Resolved

394

Insufficient description of trust anchor

Erik
25 March 14

X509-Ed7-Cor1

Resolved

393

Unclear text for the expiredCertsOnCRL X.509 extension

Denis
13 March 14

X509-Ed7-Cor1

Resolved

392

Use of three letter and three numeric country codes

Erik
11 Febr 14

X520-Ed7-Cor1

Resolved

391

Certificate types and revocation lists

Erik
25 April 14

-

Withdrawn - moved to PDAM

390

Merging of revoked ACs and PKCs in a single CRL

David
4 Sep 13

X509-Ed7-Cor1

Resolved

389

Wrong definition of self-issued attribute certificate

Erik
13 Jan 13

X509-Ed7-Cor1

Resolved

388

Strong authentication

Erik
15 May 12

X.509-Ed6-Cor3

Resolved

387

Redundant text in Rec. ITU-T X.518 | ISO/IEC 9594-4
not yet removed

Erik
15 May 12

X.501-Ed6-Cor3
X.518-Ed6-Cor2

Resolved

386

Return of error in distributed operations

Erik
13 May 12

X.518-Ed6-Cor2

Resolved

385

Missing or wrong definition of a distributed directory

Erik
13 May 12

X.518-Ed6-Cor2

Resolved

384

Clarifying information sources

Erik
7 May 12

X.518-Ed6-Cor2

Resolved

383

Normative notes in Rec. ITU-T X.518 | ISO/IEC 9594-4

Erik
7 May 12

X.518-Ed6-Cor2

Resolved

382

Missing problem value for abandoned page results

Erik
7 May 12

X.511-Ed6-Cor3

Resolved

381

Missing organization information

Erik
30 Mar 12

X.520-Ed6-Cor3

Resolved

380

Bad text for dspPaging in Chaining Arguments

Erik
8 Mar 12

X.518-Ed6-Cor2

Resolved

379

Clarification of the object class concept

Erik
18 Jan 12

X.501-Ed6-Cor3

Resolved

378

Operational Security leftover in Rec. ITU-T X.501 |
ISO/IEC 9594-2

Erik
19 Nov 11

X.501-Ed6-Cor3

Resolved

377

The authenticationLevel component of
ChainingArguments needs clarification

Erik
19 Nov 11

X.518-Ed6-Cor2

Resolved

376

requestor & originator components unclear
(X.511 & X.518)

Erik
5 Nov 11

X.511-Ed6-Cor3
X.518-Ed6-Cor2

Resolved

375

X.518 implies that the notification parameter
is mandatory

Erik
5 Nov 11

X.518-Ed6-Cor2

Resolved

374

Deletion of the response parameter of
SecurityParameters

Erik
27 Oct 11

X.511-Ed6-Cor3

Resolved

373

Cross-certificate definition

Erik
29 Sep 11

X.509-Ed5-Cor4
X.509-Ed6-Cor2

Resolved

372

Restriction on the PolicyConstraintsSyntax data type

Erik
28 Aug 11

X.509-Ed5-Cor4
X.509-Ed6-Cor2

Resolved

371R1

Unclear Operational Binding specification

Erik
20 Aug 11

X.501-Ed5-Cor4
X.501-Ed6-Cor2

Resolved

370

Storing of root naming context

Erik
6 Aug 11

X.501-Ed5-Cor4
X.501-Ed6-Cor2

Resolved

369

Definition of certification path

Erik
22 July 11

X.509-Ed5-Cor4
X.509-Ed6-Cor2

Resolved

368

Bad reference to certification path

Erik
21 July 11

X.509-Ed5-Cor4
X.509-Ed6-Cor2

Resolved

367

Signing of Bind argument and result

Erik
20 July 11

X.511-Ed5-Cor4
X.511-Ed6-Cor2

Resolved

366

Confusion about subject and issuer names in
public-key certificates

Erik
14 July 11

X.509-Ed5-Cor4
X.509-Ed6-Cor2

Resolved

365

The end-entity definition needs update

Erik
19 June 11

X.509-Ed5-Cor4
X.509-Ed6-Cor2

Resolved

364

spkmInfo component of the security error parameter
is made mandatory

Erik
19 June 11

X.511-Ed5-Cor4
X.511-Ed6-Cor2

Resolved

363

The OID id-oa-allAttributeTypes not defined

Erik
16 June 11

X.501-Ed5-Cor4
X.501-Ed6-Cor2
X.511-Ed5-Cor4
X.511-Ed6-Cor2

Resolved

362

Definition of trust

Erik
17 April 11

X.509-Ed5-Cor4
X.509-Ed6-Cor2

Resolved

361

userGroup definition not correct.

Jean-Paul
9 Dec 10

X.501-Ed5-Cor4
X.501-Ed6-Cor2

Resolved

360

Problem in CONTEXT class definition

Jean-Paul
5 Nov 10

X.501-Ed5-Cor4
X.501-Ed6-Cor2

Resolved

359

ModifyOperationalBindingResult problem

Jean-Paul
14 Sep 10

X.501-Ed5-Cor4
X.501-Ed6-Cor2

Resolved

358

Handling of unknown operation code

Erik
12 Aug 10

X.519-Ed5-Cor3
X.519-Ed6-Cor2

Resolved

357

Recursive structure rules

Jean-Paul
12 Aug 10

X.501-Ed5-Cor4
X.501-Ed6-Cor2
X.521-Ed5-Cor1
X.521-Ed6-Cor1

Resolved

356

Inconsistency in IdmResult

Jean-Paul
12 Aug 10

X.519-Ed5-Cor3
X.519-Ed6-Cor2

Resolved

355

ASN.1 errors in Association-informationBind related data types

Jean-Paul
12 Aug 10

X.519-Ed5-Cor3
X.519-Ed6-Cor2

Resolved

354

ASN.1 error in ABRT-apdu

Jean-Paul
12 Aug 10

X.519-Ed5-Cor3
X.519-Ed6-Cor2

Resolved

353

Error in the X.509 crossCertificatePair attribute type

Erik
10 Feb 10

X.509-Ed5-Cor4
X.509-Ed6-Cor2

Resolved

352

Misleading text in X.509

Jean-Paul
18 Jan 10

X.509-Ed5-Cor3
X.509-Ed6-Cor1

Resolved

351

ASN.1 errors in temporal examples

Erik
16 Nov 09

X.520-Ed5-Cor3
X.520-Ed6-Cor1

Resolved

350

IDM version negotiation

Erik
15 Nov 09

X.519-Ed5-Cor2
X.519-Ed6-Cor1

Resolved

349

Clarification of UII Format attribute type and tag-bases object classes

Erik
1 Dec 09

X.520-Ed6-Cor2
X.521-Ed6-Cor1

Resolved

348

Trust anchor vs. trust anchor information

Erik
8 Oct. 09

X.509-Ed5-Cor3
X.509-Ed6-Cor1

Resolved

347

Compatibility problem between X.519 and ROSE
for reject

Jean-Paul
29 June 09

X.519-Ed5-Cor2
X.519-Ed6-Cor1

Resolved

346

Backward compatibility problem in DOP

Jean-Paul
29 June 09

X.501-Ed5-Cor3
X.501-Ed6-Cor1

Resolved

345

Bad references to Unbind specifications

Erik
20 April 09

X.501-Ed5-Cor3
X.511-Ed5-Cor3
X.518-Ed5-Cor2
X.525-Ed5-Cor1

Resolved

344

Certificate terminology

Erik
20 April 09

X.509-Ed5-Cor3

Reseolved

343

Definition of Root Naming Context

Erik
20 March 09

X.501-Ed5-Cor3
X.519-Ed5-Cor2

Resolved

342

Wrong reference to ISO 3166

Erik
19 March 09

X.520-Ed5-Cor3

Resolved

341

Missing bit in ServiceControlOptions

Erik
19 March 09

X.511-Ed5-Cor3

Resolved

340

Critical extension specified for SPKM in Bind

Erik
17 Jan. 09

X.511-Ed5-Cor3

Resolved

339

Separation of DSA-DSA Binds from Directory
(DAP) Bind

Erik
11 Jan. 09

X.501-Ed5-Cor3
X.501-Ed6-Cor1
X.518-Ed5-Cor2
X.518-Ed6-Cor1
X.525-Ed5-Cor1
X.525-Ed6-Cor1

Resolved

338

Error in transport of LDAP messages

Erik

X.511-Ed5-Cor3
X.511-Ed6-Cor1
X.518-Ed5-Cor2
X.518-Ed5-Cor1

Resolved

337

Error code for IDM directoryBindError

Erik
11 Dec. 08

X.519-Ed5-Cor2

Resolved

336

Basic Access Control decision point for replaceValues

Erik
5 Nov. 08

X.511-Ed5-Cor3
X.511-Ed6-Cor1

Resolved

335

Transcoding TeletexString to Unicode

Erik
17 Sept. 08

X.520-Ed5-Cor4
X.520-Ed6-Cor2

Resolved

334

OID clash for attribute types extensions

Erik
17 Sept. 08

X.509-Ed5-Cor3
X.520-Ed5-Cor3

Resolved

333

Presence matching rules for certificate extensions

Erik
9 Sept. 08

X.509-Ed5-Cor3

Resolved

332

Value reference for OID in X.509

Erik
9 Sept. 08

X.509-Ed5-Cor3

Resolved

331

Editorial in Scope clause of X.509

Hoyt
8 July 08

X.509-Ed5-Cor2

Resolved

330

Partially known critical extensions

D. Chadwick
8 July 08

X.509-Ed5-Cor2

Resolved

329

Redundant information in Bind

Erik
8 July 08

X.511-Ed5-Cor2

Resolved

328

Data integrity in storage

Erik
8 July 08

X.501-Ed5-Cor2

Resolved

327

String matching rule

Erik
26 April 08

X.520-Ed5-Cor2

Resolved

326

Error in protected password definition

AFNOR
10 April 08

X.509-Ed5-Cor2
X.511-Ed5-Cor2

Resolved

325

Telephone number syntax and matching

Erik
10 April 08

X.520-Ed5-Cor2

Resolved

324

The exclusions component of CommonArguments
missing

Erik
26 Sept. 07

X.511-Ed5-Cor1
X.511-Ed4-Cor3

Resolved

323

Remove dangling references to end-to-end
encryption in ITU-T Rec. X.511 | ISO/IEC 9594-3

Erik
26 Sept. 07

X.511-Ed5-Cor1
X.511-Ed4-Cor3

Resolved

322

Attribute subtype problem

Erik
26 Sept. 07

X.520-Ed5-Cor1
X.520-Ed4-Cor3

Resolved

321

Signing of Bind Errors

Erik
30 Aug. 07

X.511-Ed5-Cor1
X.511-Ed4-Cor3

Resolved

320

serialNumber in certficates as specified in
Clause 7 of X.509

AFNOR
12 June 07

Liaison to PKIX
on subject

Rejected

319

Remove dangling references to end-to-end encryption

Erik email
25 Feb 07

X.518-Ed5-Cor1
X.518-Ed4-Cor2

Resolved

318

Handling of unknown NSAP address structures

Erik email
25 Feb 07

X.501-Ed5-Cor1
X.501-Ed4-Cor3
X.518-Ed5-Cor1
X.518-Ed4-Cor2
X.519-Ed5-Cor1
X.519-Ed4-Cor1

Resolved

317

Embedded PDV; Support PER

AFNOR
19 Feb 07

X.501-Ed5-Cor1
X.501-Ed4-Cor3

Resolved

316

Wrong reference and missing text

Erik email
7 Nov 05

X.511-Ed4-Cor3

Resolved

315

Errors in Managed object Definitions

Erik email
7 Nov 05

X.530-Ed4-Cor1

Resolved

314

Name constraints extension alignment with RFC 3280

Stefan email
28 Sept 05

X.509-Ed5-Cor1
X.509-Ed4-Cor4

Resolved

313

ServiceProblem error in ITU-T Rec. X.511 - ISO/IEC
9594-3 and ITU-T Rec. X.520 - ISO/IEC 9594-6

Erik email
19 April 05

X.511-Ed4-Cor2
X.520-Ed4-Cor2

Resolved

312

ASN.1 errors in ITU-T Rec. X.501
ISO/IEC 9594-2 and ITU-T Rec. X.520
ISO/IEC 9594-6

Erik email
19 April 05

X.501-Ed4-Cor2
X.520-Ed4-Cor2

Resolved

311

Differences between crl and crl entry extensions

Sharon email
9th March 05

X.509-Ed5-Cor1
X.509-Ed4-Cor4

Resolved

310

Unrecognised crl and crl entry extensions

Sharon email
9th March 05

X.509-Ed5-Cor1
X.509-Ed4-Cor4

Resolved

309

Mandadting that unavailableCriticalExtension be returned if extension not supported

UK ballot #5
October 04

X.511-Ed4-Cor1
X.511-Ed3-Cor3

Resolved

308

validity in SimpleCredentials missing OPTIONAL

Erik email
12March 04

X.511-Ed4-Cor1
X.511-Ed3-Cor3

Resolved

307?

Incorrect clause cross reference

Erik email
9 March 04

X.518-Ed4-Cor1

Resolved

306

ASN.1 Error introduced by DR225

Erik email
1 Feb 04

X.501-Ed4-Cor1
X.501-Ed3-Cor3

Resolved

305

IDP Extension

Sharon email
12 Mar 03

X.509-Ed4-Cor3

Resolved

304

old RSA encryption algorithm OID

Sharon email
14 Mar 03

X.509-Ed4-Cor3
X.509-Ed3-Cor6

Resolved

303

Attribute value preserved as supplied

Sharon email
London 2003
written by
Hoyt

-

??

302

Skip Certs in policy constraints

Sharon email
London 2001

-

??

301

Base CRL window

Sharon /NIST2
002

X.509-Ed4-Cor3

Resolved

300

Basic constraints requirement for path
processing

Sharon /NIST2
002

X.509-Ed4-Cor3

Resolved

For previous defect reports, please click here.

Page Actions

Recent Changes

Group & Page

Back Links