Fix reference and description of OCSP lint (#937)

Co-authored-by: Christopher Henderson <chris@chenderson.org>

Author: kowshikRoy

v3/lint/source.go

@@ -32,6 +32,7 @@ const (
 	RFC5280                       LintSource = "RFC5280"
 	RFC5480                       LintSource = "RFC5480"
 	RFC5891                       LintSource = "RFC5891"
+	RFC6960                       LintSource = "RFC6960"
 	RFC6962                       LintSource = "RFC6962"
 	RFC8813                       LintSource = "RFC8813"
 	CABFBaselineRequirements      LintSource = "CABF_BR"
@@ -57,6 +58,7 @@ func (s *LintSource) UnmarshalJSON(data []byte) error {
 		RFC5280,
 		RFC5480,
 		RFC5891,
+		RFC6960,
 		RFC6962,
 		RFC8813,
 		CABFBaselineRequirements,

v3/lints/rfc/lint_ocsp_this_update_not_after_produced_at.go

@@ -23,24 +23,22 @@ import (
 type OCSPThisUpdateNotAfterProducedAt struct{}
 
 /*
-***********************************************
-RFC 5280: 5.3.1
-
-	CRL issuers are strongly
-	  encouraged to include meaningful reason codes in CRL entries;
-	  however, the reason code CRL entry extension SHOULD be absent instead
-	  of using the unspecified (0) reasonCode value.
-
-***********************************************
+RFC 6960: 2.4
+thisUpdate      The most recent time at which the status being
+                indicated is known by the responder to have been
+                correct.
+producedAt      The time at which the OCSP responder signed this
+                response.
 */
+
 func init() {
 	lint.RegisterOcspResponseLint(&lint.OcspResponseLint{
 		LintMetadata: lint.LintMetadata{
 			Name:          "e_this_update_not_after_produced_at",
-			Description:   "If a CRL entry has a reason code, it MUST be in RFC5280 section 5.3.1 and SHOULD be absent instead of using unspecified (0)",
-			Citation:      "RFC 5280: 5.3.1",
-			Source:        lint.RFC5280,
-			EffectiveDate: util.RFC5280Date,
+			Description:   "The value of thisUpdate MUST be prior to the time at which the response is produced, i.e., the value of producedAt",
+			Source:        lint.RFC6960,
+			Citation:      "RFC 6960: 2.4",
+			EffectiveDate: util.RFC6960Date,
 		},
 		Lint: NewOCSPThisUpdateNotAfterProducedAt,
 	})

v3/util/time.go

@@ -37,6 +37,7 @@ var (
 	RFC4630Date                = time.Date(2006, time.August, 1, 0, 0, 0, 0, time.UTC)
 	RFC5280Date                = time.Date(2008, time.May, 1, 0, 0, 0, 0, time.UTC)
 	RFC6818Date                = time.Date(2013, time.January, 1, 0, 0, 0, 0, time.UTC)
+	RFC6960Date                = time.Date(2013, time.June, 1, 0, 0, 0, 0, time.UTC)
 	RFC6962Date                = time.Date(2013, time.June, 1, 0, 0, 0, 0, time.UTC)
 	RFC8813Date                = time.Date(2020, time.August, 1, 0, 0, 0, 0, time.UTC)
 	CABEffectiveDate           = time.Date(2012, time.July, 1, 0, 0, 0, 0, time.UTC)