On Wednesday, November 12, 1997 2:35 PM, jsp(_at_)jgvandyke(_dot_)com
[SMTP:jsp(_at_)jgvandyke(_dot_)com] wrote:
> It seems to me that it would be much simpler to have two separate
> attributes: one for UTCTime and the other for GeneralizedTime. This
> strategy allows the receiving application to quickly identify the flavor of
> the signing time based on the OID identifying the attribute. IMHO, the
> ChoiceOfTime just adds complexity because the receiving agent has to figure
> out which choice was chosen.

The concern for me (as usual) is backwards compatibility. There is no
implementation complexity to using ChoiceOfTime with a sliding window,
since this gives implementors a grace period before implementing
GeneralizedTime -- use UTCTime through the year 2049 and use
GeneralizedTime for 2050 or after. This seems like it is the best
balance between compatibility and complexity.

If we have a separate OID identifying the GeneralizedTime attribute,
then the current implementations won't see it and won't be able to use
it. If we use the sliding window, nothing changes in applications until
around 2040.

Blake
--
Blake C. Ramsdell
Worldtalk Corporation
For current info, check http://www.deming.com/users/blaker
Voice +1 425 882 8861 x103 Fax +1 425 882 8060