CIRCL
Using UTC timezone for `time_first` & `time_last` datetime values
The recorded values for those fields are UTC timestamps.
I discovered the UTC timezone was not specified while playing with the Passive DNS MISP module, where I had different values displayed - and displayed only - between the first_seen field of the MISP object and the time_first attribute - same with respectively last_seen and time_last attribute - even though it is the same value that is used.
It is not as bad as I first thought it was in my case though, as MISP interprets datetime values with no specific timezone as UTC by default, and I had the timestamps converted into the right UTC datetime values in the final result on MISP Events/Attributes/Objects.
But I would still set the UTC timezone to avoid issue with third party services or scripts querying MISP modules and potentially parsing the results before pushing them to MISP.
This is only the MISP integration point of view, but I don't think it should break any code using pypdns, as the fields that are concerned by the change still have the exact same datetime format, the only difference is the timezone parameter.
Let me know if you see any blocker
I think it is correct, good catch. In Python a datetime without a TZ is considered as local TZ, but when importing from a timestamp (which is UTC), it will break it, you're 100% correct.
I'll validate it before merging.
