> [[email protected] - Tue Aug 18 16:44:00 2009]: > > Steve, > > You may be correct, however, while I am aware of some ASN.1 types that > are defined as GeneralizedTime, I am not aware of any that are defined > as UTCTime, as this would make it impossible to denote times after > 2049. I checked draft-ietf-pkix-new-asn1-07.txt and > draft-ietf-smime-new-asn1-07.txt, and while GeneralizedTime appears in > both of them several times, UTCTime only appears in the definition of > Time. >
I'm not aware of any either, however OpenSSL's ASN1 code is used to encode all manner of structures some private so I can't rule out that case. I've applied a fix in a different way so OpenSSL can tell if the ASN1_TIME structure is reused. This now correctly generates CRLs with dates outside the UTCTime range. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
