|
IEEE 802.1ARce (latest draft addendum) specifies: 8.7 validity The time period over which the DevID issuer expects the device to be used. All times are stated in the Universal Coordinated Time (UTC) time zone. Times up to and including 23:59:59 December 31, 2049 UTC are encoded as UTCTime as YYMMDDHHmmssZ. Times later than 23:59:59 December 31, 2049 UTC are encoded as GeneralizedTime as YYYYMMDDHHmmssZ. The time the DevID is created is encoded in the notBefore field of DevID certificates. Each DevID chain certificate has a notBefore value that encodes a time that is the same as or prior to that of any DevID certificate that relies on the chain for certificate validation. The latest time a DevID is expected to be used is encoded in the notAfter field of the DevID certificate. Each DevID chain certificate has a notBefore value that encodes a time that is the same as or later than that of any DevID certificate that relies on the chain for certificate validation. Devices possessing an IDevID are expected to operate indefinitely into the future and should use the GeneralizedTime value 99991231235959Z (10) in the notAfter field of IDevID certificates. Solutions verifying a DevID are expected to accept this value indefinitely. Values in notAfter fields are treated as specified in RFC 5280. Footnote: (10) This value corresponds to one second before the year 10 000; note the creation of an opportunity for the Y10K bug fix industry. ===================== It is really rare to find humor in IEEE specifications! Bob On 09/12/2017 11:39 AM, Alejandro
Pulido wrote:
|
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
