RFR 8181841: A TSA server returns timestamp with precision higher than milliseconds
Michael StJohns
mstjohns at comcast.net
Wed Jun 14 01:27:42 UTC 2017
Hi Max -
I think I pushed the wrong button and sent out the wrong email. My
original email had this (limit is 6 digits) comment in it, but I'd
actually decided not to send it because I couldn't find a definitive source.
X.680 used the phrase "a time of day, to any of the precisions defined
in ISO 8601..." (clause 42.2 (b) ) and I'd found another reference that
suggested that 6 digits was the maximum "defined" precision. But I
couldn't find an actual version of 8601 so I wasn't sure if the
reference was reasonably interpreting 8601 so I'd decided not to send.
So what I'm saying is - ignore my email. Sorry.
Mike
On 6/12/2017 9:48 PM, Weijun Wang wrote:
>
>
> On 06/13/2017 09:44 AM, Weijun Wang wrote:
>> Hi Michael
>>
>> I cannot access ISO 8601 but according to
>> https://en.wikipedia.org/wiki/GeneralizedTime:
>>
>>> A GeneralizedTime is a time format in the ASN.1 notation. It consists
>>> of a string value representing the calendar date, as defined in ISO
>>> 8601, a time of day with an optional fractional seconds element and
>>> the optional local time differential factor as defined in ISO 8601.
>>>
>>> In contrast to the UTCTime class of ASN.1 the GeneralizedTime uses a
>>> four-digit representation of the year to avoid possible ambiguity.
>>> Another difference is the possibility to encode time information of
>>> any wanted precision via the fractional seconds element.
>>
>> So my understanding is that ISO 8601 is only for "the optional local
>> time differential factor", and it does mention "any wanted precision".
>
> Oh, ISO 8601 is for "the calendar date" and "the optional local time
> differential factor", but not "a time of day with an optional
> fractional seconds element".
>
> --Max
>
>>
>> In fact, I tried to generate a DER encoding of a GeneralizedTime with
>> a long fractional part and "openssl asn1parse" accepts it and
>> displays all the digits.
>>
>> I can read X.680 but it does not mention any restriction.
>>
>> Thanks
>> Max
>>
>> On 06/13/2017 01:07 AM, Michael StJohns wrote
>>> The actual bound in GeneralizedTime is 6 digits of fractional time
>>> (according to ISO 8601) or 25 characters. That should still continue
>>> to be enforced.
>>>
More information about the security-dev
mailing list