W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2022

Re: signatures vs sf-date

From: Ilari Liusvaara <ilariliusvaara@welho.com>
Date: Fri, 2 Dec 2022 17:01:29 +0200
To: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <Y4oTSfoMHkYLsbA1@LK-Perkele-VII2.locald>
On Fri, Dec 02, 2022 at 02:25:32PM +0000, Justin Richer wrote:
> 
> It could, but I don’t think it’s worth delaying signatures over. There
> are two timestamp fields (created and expires) with clear semantics,

- If signature is created during (positive) leap second, then the
  previous second is written as creation time[1], right?

- The expires is exclusive endpoint[2] (e.g., expiry at 2400Z is
  marked as expiry on 0000Z the next day), right? 


[1] All the APIs that give unix timestamps I have seen work this way.
However, adjtimex() (it does not just set the clock, it can get the
clock as well) return value can be used to correct the clock.

[2] One would think that expiry times are always exclusive, but X.509
has inclusive expiry time (e.g., expiry at 2400Z is marked as expiry
on 235959Z the same day).



-Ilari
Received on Friday, 2 December 2022 15:01:44 UTC

This archive was generated by hypermail 2.4.0 : Saturday, 28 January 2023 21:29:47 UTC