Optional for the implementations. So basically your ssl library is unlikely to do it. And at that point having a "getTime()" API call in your service is simpler than having a custom patched SSL implementation.

Oh, common SSL libraries don't do it? Even then you can probably rely on a Date header being attached to all your existing requests.