[99114] in North American Network Operators' Group
Re: PKI operators anyone?
daemon@ATHENA.MIT.EDU (Joel Jaeggli)
Thu Sep 6 03:38:35 2007
Date: Thu, 06 Sep 2007 00:36:12 -0700
From: Joel Jaeggli <joelja@bogus.com>
To: bmanning@vacation.karoshi.com
CC: John Curran <jcurran@mail.com>, Joe Maimon <jmaimon@ttec.com>,
North American Networking and Offtopic Gripes List <nanog@nanog.org>
In-Reply-To: <20070906065623.GB22844@vacation.karoshi.com.>
Errors-To: owner-nanog@merit.edu
bmanning@vacation.karoshi.com wrote:
>>> I dont see verisign roots expiring every five years.
>> I believe that they're on 30 years or so for the root CA
>> certificates, and shorter periods for the intermediates.
>>
>> /John
>>
>
> it was explained to me that the expiry date is after 2038
The verisign root CA public certs I have in my keyring that expire more
than 10 years from now expire either 08/01/2028 or 07/16/2036 which is
well before 03:14:07 UTC jan 19 2038.
Since my arch uses a signed 64bit int for time_t I'm assuming
calculations beyond that magic number won't be an issue for validating
the contents of my keyring.
> --bill
>
