- jmc@cvs.openbsd.org 2012/08/15 18:25:50

[ssh-keygen.1]
     a little more info on certificate validity;
     requested by Ross L Richardson, and provided by djm

ChangeLog

@@ -1,3 +1,10 @@
+20120906
+ - (dtucker) OpenBSD CVS Sync
+   - jmc@cvs.openbsd.org 2012/08/15 18:25:50
+     [ssh-keygen.1]
+     a little more info on certificate validity;
+     requested by Ross L Richardson, and provided by djm
+
 20120830
  - (dtucker) [moduli] Import new moduli file.
 

ssh-keygen.1

@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-keygen.1,v 1.109 2012/07/06 00:41:59 dtucker Exp $
+.\"	$OpenBSD: ssh-keygen.1,v 1.110 2012/08/15 18:25:50 jmc Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: July 6 2012 $
+.Dd $Mdocdate: August 15 2012 $
 .Dt SSH-KEYGEN 1
 .Os
 .Sh NAME
@@ -628,7 +628,9 @@ The
 option allows specification of certificate start and end times.
 A certificate that is presented at a time outside this range will not be
 considered valid.
-By default, certificates have a maximum validity interval.
+By default, certificates are valid from
+.Ux
+Epoch to the distant future.
 .Pp
 For certificates to be used for user or host authentication, the CA
 public key must be trusted by