Trickett Mark wrote:
>
> Please could you help we are urgently upgrading several and we are having
> trouble locating any Y2K compliance information for the following products
> :-
>
> Openssl - 1.03
That'll be because there isn't any. There isn't a version 1.03, either.
I thought there were some cert issues with expiration dates...
At 01:33 PM 4/20/99 -0400, Thomas Reinke wrote:
>This may not be the answer you are looking for, but we've used
>SSLeay for some of our own work (0.9.0b) and have not
>encountered any problems during our own Y2K testing. This does
>no
This may not be the answer you are looking for, but we've used
SSLeay for some of our own work (0.9.0b) and have not
encountered any problems during our own Y2K testing. This does
not say that there are any problems, just that in our usage
of the SSLv3 protocol, cert validation and encryption, we
> We are running 0.8.1 on one of our servers here, does anybody know the
> status of Y2K compatability for this version?
I think this depends on your operating system. The X.509v3 certs itself
are Y2K compatible. If you're useing a standard U*NX, you should be safe.
I suggest you to make a test:
Patrik Carlsson wrote:
>
> :-) Quite fun!
>
> I know some people using SSLeay 0.6.6 (I guess) for doing SSL connections and
> client certificate parsing. Should I advice them to upgrade to the latest
> version which is more - is it? - Y2K safe?
>
> BTW, are there any known major Y2K problems id
Jarvis Mckenzie wrote:
>
> please could send information/documentation on your preparations for 2000.
> fax #: 01223 847176. Thank you.
Some people amaze me.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work a
In message <[EMAIL PROTECTED]>, Ben Laurie writes:
>
> I seem to remember that PKIX decided that <50 was 20xx and >50 was 19xx
> (I know I've left out 50, I can't remember which way it went) and that
> we should use 4 digit in all new stuff.
Not quite.
After the usual Huge Argument, It was dec
Greetings,
FYI the relevant sections of RFC2459 are:
"CAs conforming to this profile MUST always encode certificate
validity dates through the year 2049 as UTCTime; certificate validity
dates in 2050 or later MUST be encoded as GeneralizedTime."
and...
"For the purposes of this pro
Russell Selph wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Actually, as far as I can tell, it's an ASN.1 problem. (And therefore an
> X.509 problem.) It looks like the ASN.1 UTCTIME type only supports two
> digit years. OPENSSL makes the assumption that any year less than 70
> Actually, as far as I can tell, it's an ASN.1 problem. (And therefore an
> X.509 problem.) It looks like the ASN.1 UTCTIME type only supports two
> digit years. OPENSSL makes the assumption that any year less than 70 is
> in the range 2000-2069, while any year greater than 69 is in the range
UTCTime's are two-digit years.
GENERALIZED time's are four-digit years.
The X509 data structures are generally a Time, which
is a CHOICE of either two; the IETF PKIX profile
specifies that 50-99 are 1900, 00-49 are 2000.
Stephen is adding support for all this to the
code base (and is basically don
-Original Message-
> From: Russell Selph [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, March 09, 1999 2:42 PM
> To: [EMAIL PROTECTED]
> Subject: RE: Y2k-Problem in certificat-file index.txt?
>
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
>
db
On Tue, 9 Mar 1999, Yuriy Stul wrote:
> Date: Tue, 9 Mar 1999 16:35:22 +0200
> From: Yuriy Stul <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> Subject: RE: Y2k-Problem in certificat-file index.txt?
>
> Hello,
>I think it is not p
Hello,
I think it is not problem only for SSLeay or OpenSSL. It is problem for
MSIE and Netscape too.
Yuriy Stul.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Axel Findling
> Sent: Tuesday, March 09, 1999 3:03 PM
> To: [EMAIL PROTECTED]
> Sub
14 matches
Mail list logo
