Description
Negative expiry values should throw an error. It is impossible to determine if the user means to disable expiry, or has accidentally make the expiry value too low (which in C-land will cause a wrap-around).
Currently it just wraps around to a time_t (or doesn't throw an error at least).