[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: X.509 validity period

To: ietf-pkix <ietf-pkix@xxxxxxxxxx>, OSIdirectory <OSIdirectory@xxxxxxxxxxxxx>, pki-twg-request <pki-twg-request@xxxxxxxxxxxxxxxxxxx>, pki-twg <pki-twg@xxxxxxxxxxxxxxxxxxx>, Warwick Ford <wford@xxxxxxxxxxxxxxxx>
Subject: RE: X.509 validity period
From: "Miklos, Sue A." <samiklo@xxxxxxxxxxxxxx>
Date: Thu, 03 Oct 96 12:31:00 EDT
Encoding: 45 TEXT

I have had similar requirements proposed and would like to discuss the 
possibility of adding the ability of CHOICE to the certificate time formats 
(UTC or GenTime).  I did briefly mention this to Warwick when I last saw him 
and he expressed concern over backwards compatibility.  I'd be happy to 
bring this up at the ISO editing meeting the end of this month if we can get 
some concensus...
Sandi
 ----------
From: pki-twg-request
To: OSIdirectory; pki-twg; ietf-pkix; Warwick Ford
Subject: X.509 validity period
Date: Wednesday, October 02, 1996 10:21AM

Talking about X.509 defects (as in Warwicks recent message), I have
come across a more fundamental issue which I would
like to get views.

I have a client who requires to be able to hold signed documents and
their certificates in a long term archive.

This necessitates the validity period of the certificates to be
potentially longer than 50 years.  The current validity period is
encoded in UTCTime which has a 2 digit year, which has to be adjusted
to cater for the century roll over giving a resolution of only 50
years.

Ideally, the validity period should be encoded in generalised
time.  Has anyone else identified similar concerns?

Nick Pope

 -------------------------------------

Security & Standards
Suite A
191 Moulsham St.
Chelmsford
Essex
CM2 0LG
U.K.

Tel: +44 1245 495018
Fax: +44 1245 494517

Prev by Date: Re: X.509 validity period
Next by Date: subscribe
Previous by thread: Re: X.509 validity period
Next by thread: Re[2]: X.509 validity period
Index(es):
- Date
- Thread