For 802.1AR certs, this date value is manditory.
I will be sending a output of that pem I sent earlier....
On 11/7/23 07:45, Mike Ounsworth wrote:
Crazy idea here, but the fact that notAfter is a mandatory field in
X.509 is a major headache in some cases. RFC 5280 defines the special
value
To indicate that a certificate has no well-defined expiration date,
the notAfter SHOULD be assigned the GeneralizedTime value of
99991231235959Z.
But in practice, this is not widely supported or even well-known
enough to be universally usable.
Idea: could notAfter be made optional in C509? When transcoding to
X.509 I suppose you would have to replace an absent notAfter with the
GeneralizedTime value of 99991231235959Z.
The same could maybe be considered for notBefore.
- Mike Ounsworth
/Any email and files/attachments transmitted with it are intended
solely for the use of the individual or entity to whom they are
addressed. If this message has been sent to you in error, you must not
copy, distribute or disclose of the information it contains. _Please
notify Entrust immediately and delete the message from your system._/
_______________________________________________
COSE mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/cose
_______________________________________________
COSE mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/cose
