[botan-devel] Sanity check currently ends on year 2100

Ondrej Spanel ondrej at bistudio.com
Thu Apr 5 15:08:21 EDT 2012


 > Hah! Wow, keeping a cert for 100 years seems more than a little
 > ambitious. And I wouldn't want to put any odds on any key remaining
 > secure for that long, 100 years is a long time in Moore's Law
 > Land. But I suppose there is no reason to reject them out of hand.

While I agree with you in principle, I do not think a Botan library 
should reject them if someone creates them. The sanitization routine 
should reject insane data only, which would be over 9999 if 9999 is 
still within limits of a valid format.

Philosophically, are you sure the function 
X509_Time::passes_sanity_check will not still be around in 3000, hitting 
some poor fellow programmer in the foot because it will reject a completely 
sensible certificate with a validity period of 2995-3001 (with something 
like a 16384b ECDSA key)? :)

The example cert expiring in 2012 was sent separately to your mail.

Best regards
Ondrej

On 5.4.2012 11:54, Ondrej Spanel wrote:
> Hello,
>
> the function X509_Time::passes_sanity_check currently considers all
> dates after 2100 to be "insane". The date seems quite close to me, and
> actually there already exist certificates which have expiry set to over
> 2100. One example is the local self-signed file encryption certificates of
> the Microsoft Windows file system, which are issued to expire after 100
> years, i.e. a certificate you will get if you install a new user account
> today will have an expiry date in 2112.
>
> I would suggest increasing this limit to some value which is not only
> unlikely, but really insane, like 100000. If you disagree with such a
> change, please at least increase the limit to 2200 to make sure the
> certificates mentioned can pass the sanity check.
>
> Best regards
> Ondrej
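
A sanity check bounded by what the time encoding can represent rather than by a guessed "reasonable" year, as an added example that is not part of the original messages and is not Botan's code. The names `CertTime`, `passes_format_sanity_check` and `parse_generalized_time` are hypothetical, and the 9999 bound assumes a four-digit-year format such as ASN.1 GeneralizedTime (`YYYYMMDDHHMMSSZ`).

```cpp
#include <cctype>
#include <string>

// Hypothetical type for this example; not Botan's X509_Time.
struct CertTime {
    int year, month, day, hour, minute, second;
};

static bool is_leap(int y) {
    return (y % 4 == 0 && y % 100 != 0) || y % 400 == 0;
}

static int days_in_month(int y, int m) {
    static const int days[12] = {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31};
    return (m == 2 && is_leap(y)) ? 29 : days[m - 1];
}

// Rejects only values that cannot be a real calendar time. The year bound is
// the four-digit limit of the format, not a guess about plausible lifetimes.
// Year 0 and a leap second (60) are rejected by choice in this example.
bool passes_format_sanity_check(const CertTime& t) {
    if (t.year < 1 || t.year > 9999) return false;
    if (t.month < 1 || t.month > 12) return false;
    if (t.day < 1 || t.day > days_in_month(t.year, t.month)) return false;
    if (t.hour < 0 || t.hour > 23) return false;
    if (t.minute < 0 || t.minute > 59) return false;
    if (t.second < 0 || t.second > 59) return false;
    return true;
}

// Parses "YYYYMMDDHHMMSSZ". Returns false on malformed input or on a time
// that fails the check above; `out` is only meaningful when true is returned.
bool parse_generalized_time(const std::string& s, CertTime& out) {
    if (s.size() != 15 || s[14] != 'Z') return false;
    for (int i = 0; i < 14; ++i)
        if (!std::isdigit(static_cast<unsigned char>(s[i]))) return false;
    auto num = [&](int pos, int len) {
        int v = 0;
        for (int i = 0; i < len; ++i) v = v * 10 + (s[pos + i] - '0');
        return v;
    };
    out = {num(0, 4), num(4, 2), num(6, 2), num(8, 2), num(10, 2), num(12, 2)};
    return passes_format_sanity_check(out);
}
```

With this check a 2112 or 3001 expiry is accepted, while 29 February 2100 (not a leap year) and a five-digit year are rejected because the format itself cannot carry them.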
