[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openssl-users
Subject:    Re: Fencepost errors in certificate and OCSP validity
From:       Viktor Dukhovni <openssl-users () dukhovni ! org>
Date:       2020-10-28 15:44:36
Message-ID: 20201028154436.GP34643 () straasha ! imrryr ! org
[Download RAW message or body]

On Wed, Oct 28, 2020 at 04:32:56PM +0100, Jakob Bohm via openssl-users wrote:

> Recently, the EJBCA developers publicly warned (via the Mozilla root store
> policy mailing list) other CA vendors that they had incorrectly implemented
> the handling of the "notAfter" X509 field, resulting in certificates that
> lasted 1 second longer than intended.

I think that's patently ridiculous.  I'm inclined to dismiss any bug
reports along these lines with prejudice.

-- 
    Viktor.
[prev in list] [next in list] [prev in thread] [next in thread]