> Actually, as far as I can tell, it's an ASN.1 problem. (And therefore an
> X.509 problem.) It looks like the ASN.1 UTCTIME type only supports two
> digit years. OPENSSL makes the assumption that any year less than 70 is
> in the range 2000-2069, while any year greater than 69 is in the range
> 1970-1999.
> Can anyone shed light on whether this is part of the ASN.1 standard for
> UTCTIME? Even better, does anyone know if any other kind of date is
> useable in X.509 certs? Do other packages use the same cutoff year?
Somewhere around here I have a copy of the actual X.509 standards.
Can't find 'em right now, but I believe they say 00-49 is to be
interpreted as 21st century, 50-99 as twentieth.
-- Eric
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
