Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The lint lint_ev_valid_time_too_long has two issues:
(which is 366 + 365 + 31 + 31 + 30 = 823 days) for certs issued
before the 825-day change (CABF Ballot 193)
the EVGs
This updates the test to test for 27 months for certificates issued
prior to the Ballot 193 effective date. A number of certificates now
fail this check, either because they're used for code signing (but
reuse the same EV OID), or because they interpreted the validity
period as permitting "fractional months" (typically, in the form of
<24 additional hours).
Aligned with the interpretation of Ballot 193 that treats fractional
days as > 825 days, this treats fractional months as > 27 months.