diff --git a/crypto/bn/bn_asn1.c b/crypto/bn/bn_asn1.c
index a148afcb..c84884c6 100644
--- a/crypto/bn/bn_asn1.c
+++ b/crypto/bn/bn_asn1.c
@@ -63,8 +63,7 @@ int BN_cbs2unsigned_buggy(CBS *cbs, BIGNUM *ret) {
    * moduli. They last five years and are common enough that we need to work
    * around this bug. See https://crbug.com/532048.
    *
-   * TODO(davidben): Remove this code and callers in September 2019 when all the
-   * bad certificates have expired. */
+   * TODO(davidben): Remove this code and callers in March 2016. */
   return BN_bin2bn(CBS_data(&child), CBS_len(&child), ret) != NULL;
 }
 
diff --git a/crypto/evp/p_rsa_asn1.c b/crypto/evp/p_rsa_asn1.c
index 94a967a8..891e2562 100644
--- a/crypto/evp/p_rsa_asn1.c
+++ b/crypto/evp/p_rsa_asn1.c
@@ -96,7 +96,7 @@ static int rsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) {
    * use negative moduli. They last five years and are common enough that we
    * need to work around this bug. See https://crbug.com/532048.
    *
-   * TODO(davidben): Switch this to the strict version in September 2019 or when
+   * TODO(davidben): Switch this to the strict version in March 2016 or when
    * Chromium can force client certificates down a different codepath, whichever
    * comes first. */
   CBS cbs;
diff --git a/crypto/rsa/rsa_asn1.c b/crypto/rsa/rsa_asn1.c
index 3f20acb5..100b2b46 100644
--- a/crypto/rsa/rsa_asn1.c
+++ b/crypto/rsa/rsa_asn1.c
@@ -120,8 +120,7 @@ RSA *RSA_parse_public_key_buggy(CBS *cbs) {
    * use negative moduli. They last five years and are common enough that we
    * need to work around this bug. See https://crbug.com/532048.
    *
-   * TODO(davidben): Remove this code and callers in September 2019 when all the
-   * bad certificates have expired. */
+   * TODO(davidben): Remove this code and callers in March 2016. */
   return parse_public_key(cbs, 1 /* buggy */);
 }