Greetings,
FYI the relevant sections of RFC2459 are:
"CAs conforming to this profile MUST always encode certificate
validity dates through the year 2049 as UTCTime; certificate validity
dates in 2050 or later MUST be encoded as GeneralizedTime."
and...
"For the purposes of this profile, UTCTime values MUST be expressed
Greenwich Mean Time (Zulu) and MUST include seconds (i.e., times are
YYMMDDHHMMSSZ), even where the number of seconds is zero. Conforming
systems MUST interpret the year field (YY) as follows:
Where YY is greater than or equal to 50, the year shall be
interpreted as 19YY; and
Where YY is less than 50, the year shall be interpreted as 20YY."
Regards, Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
