iden3 / circuits

Circom circuits used by the iden3 core protocol.
GNU General Public License v3.0

Expiry of issuer's auth claim is not checked #96

Open nedgar opened 1 year ago

nedgar commented 1 year ago

Looking through the query circuits, I see that they check the base claim's expiry, but not the auth claim's. Should they?

I know that in the example scenarios the auth claims are always self-issued, with no expiry. But is it possible for auth claims to be issued by another party, with an expiry?

https://github.com/search?q=repo%3Aiden3/circuits%20verifyExpirationTime&type=code

nedgar commented 1 year ago

FYI @OBrezhniev

OBrezhniev commented 1 year ago

Hi @nedgar! Auth claims must be self-issued and only using the claims Merkle tree. But in general, auth claim expiration could be an interesting feature; we may consider adding the check.