The error message "The message is expired" (WSSecurityException.MESSAGE_EXPIRED) is returned for the case of
timeStamp.isExpired() as well as when the created timestamp is in the future
in the org.apache.ws.security.validate.TimestampValidator.
When a client has a clock set a few minutes in the future (or past), their timestamp fails verification in the verifyCreated method in the Timestamp, the return of message expired is misleading and can cause a user to look in the wrong place. Maybe "The message timestamp is out of range!?"