[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [security-services] Minuets of Discussion at 12 noon, Februar y 1
On Mon, 4 Feb 2002, Hallam-Baker, Phillip wrote: > > If we are to get really ansy about this 61 is actually a valid value for > seconds. Leap seconds are introduced about once a decade or so. Ah, more often then you think. Leap Seconds happen every 1 to 2 years. 23 have been made since 1972. And there is never a 61. From NIST: All leap seconds listed in the table are positive leap seconds, which means an extra second is inserted into the UTC time scale. The sequence of events is: 23h 59m 59s - 23h 59m 60s - 00h 00m 00s Note: No positive leap second will be introduced at the end of June 2002. Leap Seconds Inserted into the UTC Time Scale Date 1998-12-31 1997-06-30 1995-12-31 1994-06-30 1993-06-30 1992-06-30 1990-12-31 1989-12-31 1987-12-31 1985-06-30 1983-06-30 1982-06-30 1981-06-30 1979-12-31 1978-12-31 1977-12-31 1976-12-31 1975-12-31 1974-12-31 1973-12-31 1972-12-31 1972-06-30 -Polar > > The problem with the X.509 approach is that you can actually end up with > a hole in the cert coverage over the leap second. That is not a biggie > in the X.509 framework since you then don't trust the cert for a second. > > However that type of thing could be a major problem with an attribute > assertion which might well have blocking semantics so a DoS would be > significant. > > Phill > > > > Phillip Hallam-Baker FBCS C.Eng. > Principal Scientist > VeriSign Inc. > pbaker@verisign.com > 781 245 6996 x227 > > > > -----Original Message----- > > From: Stephen Farrell [mailto:stephen.farrell@baltimore.ie] > > Sent: Monday, February 04, 2002 7:33 AM > > To: Mishra, Prateek > > Cc: 'security-services@lists.oasis-open.org'; 'joe_pato@hp.com' > > Subject: Re: [security-services] Minuets of Discussion at 12 noon, > > February 1 > > > > > > > > Folks, > > > > Notes from Friday's call look good. > > > > > (4) Time Issue: > > > > Just FYI for whoever's writing up the relevant text, here's [1] > > a useful internet draft, with some background and describing > > some of the relevant issues. Probably not something we want to > > reference at this stage (its up for IESG review, so some months > > from being an rfc probably). > > > > Note that saying "add one second" (if we do) could be error > > prone, though in reality probably only in the presence of an > > attack, since according to this draft you could get a value > > of "61" that way;-) > > > > Stephen. > > > > [1] > > http://www.ietf.org/internet-drafts/draft-ietf-impp-datetime-05.txt > > > > > > -- > > ____________________________________________________________ > > Stephen Farrell > > Baltimore Technologies, tel: (direct line) +353 1 881 6716 > > 39 Parkgate Street, fax: +353 1 881 7000 > > Dublin 8. mailto:stephen.farrell@baltimore.ie > > Ireland http://www.baltimore.com > > > > ---------------------------------------------------------------- > > To subscribe or unsubscribe from this elist use the subscription > > manager: <http://lists.oasis-open.org/ob/adm.pl> > > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC