See this article on what is wrong with the approach, which is also taken in this package: https://utcc.utoronto.ca/~cks/space/blog/linux/CARootStoreTrustProblem
This will likely need some adjustments to the x509 library, since root certs' validity is now constrained to a certain date.