pub(crate) fn check_cert_timeliness<C, CERT>(
checkable: C,
now: SystemTime,
clock_skew: ClockSkew,
) -> (Result<()>, CERT)where
C: Timebound<CERT, Error = TimeValidityError>,Expand description
Helper: given a time-bound input, give a result reflecting its
validity at now, and the inner object.
We use this here because we want to validate the whole handshake regardless of whether the certs are expired, so we can determine whether we got a plausible handshake with a skewed partner, or whether the handshake is definitely bad.