|Applies To||RSA Authenticator Utility (RAU) 1.0|
Microsoft Windows XP Professional SP2
RSA SecurID SID800 Authenticator
RSA BSAFE Cert-C
|Issue||RSA Authenticator Utility does not import digital certificate which has an expiration date of 2/3/2106|
|Cause||The problem is with RSA BSAFE Cert-C and the certificate having an expiration date of the year 2105. Cert-C uses UINT4 (unsigned 4 byte integer) types to store date and time values represented as seconds since January 1, 1970 00:00 UTC. The valid input range is from 0 which yields January 1, 1970 00:00 UTC to 4294967295 which yields February 6, 2106 06:28:15 UTC.|
Many of the standards implemented by Cert-C specify that GeneralizedTime can be used, which allows for dates beyond those that are able to be stored in a UINT4. Thus, Cert-C suffers from the Year 2106 problem by design.
Another issue is that, when ASN.1 parsing certificates, Cert-C currently does not allow full use of the possible date and time range. There is a Year 2099 limit hard-coded.
|Resolution||RSA Security hopes to resolve this issue in a future update to RSA BSAFE Cert-C that will then be used for future version of RSA Authenticator Utility (RAU) and other RSA products. So until then, the digital certificate cannot have an expiration date beyond 2099.|
|Legacy Article ID||a29167|