-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Actually, as far as I can tell, it's an ASN.1 problem. (And therefore an
X.509 problem.) It looks like the ASN.1 UTCTIME type only supports two
digit years. OPENSSL makes the assumption that any year less than 70 is
in the range 2000-2069, while any year greater than 69 is in the range
1970-1999.
Can anyone shed light on whether this is part of the ASN.1 standard for
UTCTIME? Even better, does anyone know if any other kind of date is
useable in X.509 certs? Do other packages use the same cutoff year?
Of course, we know that nobody will still be using this software in 2070,
so it shouldn't be a problem anyway. Right? Ahem. :^O
Russ Selph - [EMAIL PROTECTED]
Architect, TIBCO Software Inc.
GnuPG Key Fingerprint: EAFF 6465 B6F9 1E67 81AB 7234 AE00 9E6A 8D36 FEF8
See http://www.pgp.net/ for key retrieval.
veni vidi gdb
On Tue, 9 Mar 1999, Yuriy Stul wrote:
> Date: Tue, 9 Mar 1999 16:35:22 +0200
> From: Yuriy Stul <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> Subject: RE: Y2k-Problem in certificat-file index.txt?
>
> Hello,
> I think it is not problem only for SSLeay or OpenSSL. It is problem for
> MSIE and Netscape too.
>
> Yuriy Stul.
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of Axel Findling
> > Sent: Tuesday, March 09, 1999 3:03 PM
> > To: [EMAIL PROTECTED]
> > Subject: Y2k-Problem in certificat-file index.txt?
> >
> >
> > Hello,
> >
> > the certificat-dates (expiring and revokation) in the file
> > index.txt have only 2 digits for the year.
> > example:
> >
> > V 001231171617Z 00 ....
> > R 991231171617Z 990308171617Z 01 ....
> > ...
> >
> >
> > I don't think that's fine - but is it a Y2k-problem in
> > OpenSSL0.9.1c(patched) ??
> >
> > In the certificates (TXT-form) the dates have four
> > digits for the year so why there are only 2 digits used in index.txt?
> >
> > thanks for comments..
> >
> > Axel Findling
> > --------------------------------------------------------------------
> > Dr. Axel Findling -- Webmaster -- Leibniz-Rechenzentrum Muenchen
> > http://www.lrz-muenchen.de/persons/axel_findling.html
> >
> > ______________________________________________________________________
> > OpenSSL Project http://www.openssl.org
> > User Support Mailing List [EMAIL PROTECTED]
> > Automated List Manager [EMAIL PROTECTED]
> >
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.3 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE25XlvrgCeao02/vgRAohKAKCGNWtQFAlOC8SEl3fzNZFPezIJiACgqVmS
342UeZo23baoaqmJdCswKCs=
=4nOP
-----END PGP SIGNATURE-----
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
