Salz, Rich wrote: > Absolute lifetimes seem more robust; e.g., if you find one lying around, > you don't have enough context to know if it's still good or not. > > We went from relative to absolute times in ACME for this reason.
What should be memorized/stored is absolute time-of-creation. How long to consider it valid, is a local issue and not necessarily a constant validity period over time. When memorizing time-of-creation, you always know exactly how old something is, no matter whether how many times the local validity period was changed in the meantime. -Martin _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
