IETF Logo Mail Archive

Re: [pkix] World's smallest well-formed certificate

"David A. Cooper" <david.cooper@nist.gov> Thu, 19 May 2016 13:32 UTC

Return-Path: <david.cooper@nist.gov>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1CA3412D13D for <pkix@ietfa.amsl.com>; Thu, 19 May 2016 06:32:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.903
X-Spam-Level:
X-Spam-Status: No, score=-4.903 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, MIME_HTML_ONLY=0.723, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.426, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aHCgp9OKdtfF for <pkix@ietfa.amsl.com>; Thu, 19 May 2016 06:32:01 -0700 (PDT)
Received: from wsget2.nist.gov (wsget2.nist.gov [IPv6:2610:20:6005:13::151]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E3B2212D107 for <pkix@ietf.org>; Thu, 19 May 2016 06:32:00 -0700 (PDT)
Received: from WSXGHUB1.xchange.nist.gov (129.6.18.96) by wsget2.nist.gov (129.6.13.151) with Microsoft SMTP Server (TLS) id 14.3.248.2; Thu, 19 May 2016 09:31:52 -0400
Received: from postmark.nist.gov (129.6.16.94) by WSXGHUB1.xchange.nist.gov (129.6.18.96) with Microsoft SMTP Server (TLS) id 8.3.444.0; Thu, 19 May 2016 09:31:58 -0400
Received: from [129.6.54.72] (st26.ncsl.nist.gov [129.6.54.72]) by postmark.nist.gov (8.13.8/8.13.1) with ESMTP id u4JDVjek026620; Thu, 19 May 2016 09:31:45 -0400
To: Annie <a.yousar@informatik.hu-berlin.de>
References: <7b8c0b5a-2133-b094-2d09-e37efae98994@seantek.com> <af723bb1-9cf6-d18d-7d0a-3c709daa0a94@comodo.com> <CA+i=0E78phJHizoOniU3+wrJBWKbLhCKwZKVF5oLC0xwqV74GQ@mail.gmail.com> <fb33f32a-531b-5091-6fe2-53f6c92867fd@comodo.com> <0a1a9e85-3e23-f4f6-1a9b-48e566e1b2af@informatik.hu-berlin.de>
From: "David A. Cooper" <david.cooper@nist.gov>
Message-ID: <573DC041.1050307@nist.gov>
Date: Thu, 19 May 2016 09:31:45 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.8.0
MIME-Version: 1.0
In-Reply-To: <0a1a9e85-3e23-f4f6-1a9b-48e566e1b2af@informatik.hu-berlin.de>
Content-Type: text/html; charset="windows-1252"
Content-Transfer-Encoding: 8bit
X-NIST-MailScanner-Information:
Archived-At: <http://mailarchive.ietf.org/arch/msg/pkix/q8b7qV4sa-QMU5kPYRaBN-lgspM>
Cc: pkix@ietf.org
Subject: Re: [pkix] World's smallest well-formed certificate
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pkix/>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 May 2016 13:32:03 -0000

On 05/19/2016 09:14 AM, Annie wrote:
Explanation: the seconds in UTC time are optional.

Actually, this isn't correct. According to Clause 11 of X.690 (Restrictions on BER employed by both CER and DER):

11.8  UTCTime

11.8.1 The encoding shall terminate with "Z", as described in the ITU-T X.680 | ISO/IEC 8824-1 clause on UTCTime.

11.8.2  The seconds element shall always be present.

11.8.3  Midnight (GMT) shall be represented in the form:

              "YYMMDD000000Z"

where "YYMMDD" represents the day following the midnight in question.

11.8.4 Examples of valid representations

            "920521000000Z"
            "920622123421Z"
            "920722132100Z"

11.8.5 Examples of invalid representations

            "920520240000Z"      (midnight represented incorrectly)

             "9207221321Z"              (seconds of "00" omitted)



v2.23.0 | Report a Bug | By Email