A revocation request executes immediately in RSA Identity Governance and Lifecycle if the revocation date is defined beyond 03:14:07 UTC 19 January 2038
Originally Published: 2016-10-13
Article Number
Applies To
RSA Version/Condition: All
Issue
- Create a change request that adds access to a user.
- Set the revocation date to occur after the year 2038 (a revocation date of 2 October 2040 (10/02/40) is used in the example below).
- Note the automatically generated request to revoke the entitlement shows the fulfillment date as 10/02/2040, which is correct; but the fulfillment happens immediately, which is not correct.
Cause
The year 2038 problem is when certain computing systems (typically Unix or Unix-like 32-bit systems) will fail to encode times after 03:14:07 UTC on 19 January 2038 because of the way time values are currently stored on those systems. Here is a definition of the Year 2038 problem from Wikipedia:
"The Year 2038 problem is an issue for computing and data storage situations in which time values are stored or calculated as a signed 32-bit integer, and this number is interpreted as the number of seconds since 00:00:00 UTC on 1 January 1970 ("the epoch").[1] Such implementations cannot encode times after 03:14:07 UTC on 19 January 2038, a problem similar to but not entirely analogous to the "Y2K problem" (also known as the "Millennium Bug"), in which 2-digit values representing the number of years since 1900 could not encode the year 2000 or later. Most 32-bit Unix-like systems store and manipulate time in this "Unix time" format, so the year 2038 problem is sometimes referred to as the "Unix Millennium Bug" by association."
Resolution
