|
|
 |
VeriSign's Year 2000 Policy -
Year 2000 Readiness Disclosure
VeriSign's certificates are compliant with international standards* that address the Year 2000 problem. We have undertaken a comprehensive review and established an action plan assuring that our services remain undisrupted or otherwise affected by such problems.
However, VeriSign certificates are only one component within a security solution. For example, applications must properly interpret dates within the certificate to eliminate all Year 2000 risks associated with certificate use.
Consequently, as stated in our Certification Practice Statement and elsewhere, VeriSign cannot control or otherwise curtail the impact of failure or compromise of such applications and services owned or operated by third parties, including those owned or operated by Internet Service Providers and other non-VeriSign entities.
This information is being designated a Year 2000 Readiness Disclosure, under the terms of the Year 2000 Information and Readiness Disclosure Act. Please be aware that the solutions and information described in this policy and elsewhere on VeriSign's web site are not universally applicable, but instead apply uniquely to VeriSign.
For the technical reader
* The latest version of the X.509 ITU-T Recommendation (ISO/IEC 9594-8:1997 standard) specifies both a 2-digit year format (ASN.1 UTCTime) and a 4-digit year format (ASN.1 GeneralizedTime). The 2-digit format is interpreted as follows: If the 2-digit value is 00 through 49 inclusive, the value shall have 2000 added to it; if the 2-digit value is 50 through 99 inclusive, the value shall have 1900 added to it. The Internet PKIX Profile has further specified that the 2-digit format shall be used for all dates up to the end of year 2049, and the 4-digit format shall be used for all subsequent dates.
VeriSign's Year 2000 Compliance Statement
|
|
|
