[EMAIL PROTECTED] wrote:
Hello Jon,
> It appears from my testing that the expiry time on a certificate is taken
> from the client's machine time, not the server time. I've tested this with
> IE 5.01 SP1 and Netscape 4.77.
No the expiry time should be encoded in the certificate.
The element for the time should contain the offset to UTC (or Z-> UTC).
Only if no time zone information is set, local time should be used.
But don't expect the browsers to get that right.
(Especially not with Windows...)
By
Goetz
--
Goetz Babin-Ebell, TC TrustCenter AG, http://www.trustcenter.de
Sonninstr. 24-28, 20097 Hamburg, Germany
Tel.: +49-(0)40 80 80 26 -0, Fax: +49-(0)40 80 80 26 -126
S/MIME Cryptographic Signature