===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/ssh-keygen.1,v
retrieving revision 1.109
retrieving revision 1.110
diff -u -r1.109 -r1.110
--- src/usr.bin/ssh/ssh-keygen.1	2012/07/06 00:41:59	1.109
+++ src/usr.bin/ssh/ssh-keygen.1	2012/08/15 18:25:50	1.110
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-keygen.1,v 1.109 2012/07/06 00:41:59 dtucker Exp $
+.\"	$OpenBSD: ssh-keygen.1,v 1.110 2012/08/15 18:25:50 jmc Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: July 6 2012 $
+.Dd $Mdocdate: August 15 2012 $
 .Dt SSH-KEYGEN 1
 .Os
 .Sh NAME
@@ -628,7 +628,9 @@
 option allows specification of certificate start and end times.
 A certificate that is presented at a time outside this range will not be
 considered valid.
-By default, certificates have a maximum validity interval.
+By default, certificates are valid from
+.Ux
+Epoch to the distant future.
 .Pp
 For certificates to be used for user or host authentication, the CA
 public key must be trusted by