I raised many of these same UTCT issues over a year ago on PEM-DEV, and the
jist of the consensus as I understood it then (and with which I have become
resigned to live, although no necessarily agree) was that:
1. UTCT is a string, and is itself the DER encoding. Therefore the UTCT
string must be retained as presented within any signed object, in order
assure validation.
2. The form of the UTCT chosen for use with X.500 (from all the possible ISO
2014/3307/4031/etc possibilities) was abysmal -- not only for the extra
burden it puts on programs for date compare, but also for the ambiguity
that will exist late in the next century.
If one considers the use of digital signatures not just for electronic mail
but as a substitute for signatures on electronic documents, the questions
raised by systematically ignoring the century become more troubling.
Of course, within the next few decades this could be "cured" by ISO by
introducing various "hacks" -- such as creating a new-UTCT universal ASN.1
type which would include, e.g., a 4 digit year -- and mandating that all date
encoding after, say, 2050 must use the new format.
If it had been done right in the first place, then no such change would be
necessary, nor could there be any ever be any ambiguity about the period.
Maybe this really isn't a big deal (or as the saying goes: "what will this
matter a hundred years from now?"), but it seems a shame that an international
standard is so ill designed for long term usage.
Who has the wherewithal to fix the standard?
Addison Fischer.