Handle RFC Errata RFC 3651 Page 3 incorrectly excludes %x40 (@). However, there are no actual examples of prefixes using @. RFC 3651 Page 5 0 is reserved, and for compatibility with existing implementations indexes greater than or equal to 2^31 (which would represent negative values if interpreted as signed integers) should not be used. RFC 3651 Page 6-7 Execute permissions have never been used. RFC 3651 Page 8 : TTL Type is the first octet; 0x00 indicates relative TTL, and 0x01 indicates absolute TTL. is a 4-byte integer specifying elapsed time since 00:00:00 UTC, January 1970 in seconds (not an 8-byte integer specifying milliseconds). RFC 3651 Page 10 Handle records can have zero HS_ADMIN values. This indicates that only administrators specified in server configuration will be able to modify the handle record. There is currently no facility for having a handle administrator reference containing an X.509 certificate. The only types used for HS_ADMIN references are HS_SECKEY, HS_PUBKEY, and HS_VLIST. is the first component of the HS_ADMIN value, and is the second. RFC 3651 Page 11 The types DSS_WITH_DES_CBC_SHA and DES-EDE3-WITH-CBC are not used. The only types used for HS_ADMIN references are HS_SECKEY, HS_PUBKEY, and HS_VLIST. RFC 3651 Page 12 Delete_Handle is a handle-level permission, allowing the handle administrator to delete the handle itself on which the permission is granted. RFC 3651 Page 15-17 - The HS_SITE version is 1, not 0. - The first bit of PrimaryMask is PrimarySite and the second bit is MultiPrimary. - IPv4 addresses are encoded not as ::FFFF:xxxx:xxxx but as ::xxxx:xxxx. - In ServiceType, 1 is admin, 2 is query, 3 is both. - In TransmissionProtocol, 0 is UDP, 1 is TCP, 2 is HTTP. - CERT.X509 was never implemented. RFC 3651 Page 17 - Hashing uses only the last (least significant) four bytes of the 16-byte MD5 hash. RFC 3651 Page 19-20 HS_NA_DELEGATE not implemented. RFC 3651 Page 20 Handle records may have more than one HS_SERV value. The defined service is the union of the sites defined at all the handle records referenced in HS_SERV values, combined with the HS_SITE values on the original handle record. RFC 3651 Page 21-22 HS_PRIMARY not implemented. RFC 3652 Page 6 TCP message fragmentation for long messages not implemented. RFC 3652 Page 9 Compression (signified via CP bit) not implemented. RFC 3652 Page 11 TCP message fragmentation for long messages not implemented. RFC 3652 Page 21 Message Length in the envelope of truncated messages reflects the length of the entire message, not the length of this packet. RFC 3652 Page 24 The PO flag takes precedence; when the PO flag is set, the client will never be authenticated and will not see a secret value even if a specific index is requested. RFC 3652 Page 37 It is acceptable to replace an HS_ADMIN value with a non-HS_ADMIN value or vice versa. The required permissions are MODIFY_VALUE plus either ADD_ADMIN or REMOVE_ADMIN.