PKI operators anyone?
joelja at bogus.com
Thu Sep 6 07:36:12 UTC 2007
bmanning at vacation.karoshi.com wrote:
>>> I dont see verisign roots expiring every five years.
>> I believe that they're on 30 years or so for the root CA
>> certificates, and shorter periods for the intermediates.
> it was explained to me that the expiry date is after 2038
The verisign root CA public certs I have in my keyring that expire more
than 10 years from now expire either 08/01/2028 or 07/16/2036 which is
well before 03:14:07 UTC jan 19 2038.
Since my arch uses a signed 64bit int for time_t I'm assuming
calculations beyond that magic number won't be an issue for validating
the contents of my keyring.
More information about the NANOG