GrapheneOS on Nostr: nprofile1q…c0vpy For HTTPS network time, we make the certificate validation ignore ...

nprofile1qy2hwumn8ghj7un9d3shjtnyd968gmewwp6kyqpqxyj37c788shmwxgm2vakdger7tvpe5w972tqj6hlxtm8sfzckh4qfc0vpy (nprofile…0vpy) For HTTPS network time, we make the certificate validation ignore notBefore (accepting certificates which appear to be issued in the future) and we only compare notAfter against the OS build date rather than the current time. Since we have frequent OS updates, that's quite fine grained certificate expiry anyway. We use 6 day expiry Let's Encrypt certificates now and our OS updates tend to be at least every 2 weeks. Nearly everyone still uses 90 day or 1 year expiry certificates anyway.