diff --git a/src/main/java/org/cobbzilla/util/security/RsaKeyPair.java b/src/main/java/org/cobbzilla/util/security/RsaKeyPair.java
index f11117c..d086dc0 100644
--- a/src/main/java/org/cobbzilla/util/security/RsaKeyPair.java
+++ b/src/main/java/org/cobbzilla/util/security/RsaKeyPair.java
@@ -15,6 +15,7 @@ import static org.apache.commons.lang3.RandomStringUtils.randomAlphanumeric;
 import static org.cobbzilla.util.daemon.ZillaRuntime.*;
 import static org.cobbzilla.util.io.FileUtil.*;
 import static org.cobbzilla.util.string.StringUtil.safeShellArg;
+import static org.cobbzilla.util.system.Bytes.KB;
 import static org.cobbzilla.util.system.CommandShell.exec;
 import static org.cobbzilla.util.system.CommandShell.execScript;
 
@@ -39,6 +40,8 @@ public class RsaKeyPair {
     }
 
     public static boolean isValidSshPublicKey (String key) {
+        // sanity checks, avoid writing large files to disk
+        if (empty(key) || key.length() < 200 || key.length() > 8*KB) return false;
         try {
             @Cleanup final TempDir temp = new TempDir();
             final File f = FileUtil.toFile(temp+"/key.pub", key);
diff --git a/src/main/java/org/cobbzilla/util/time/TimeUtil.java b/src/main/java/org/cobbzilla/util/time/TimeUtil.java
index c7efa87..0b4a55a 100644
--- a/src/main/java/org/cobbzilla/util/time/TimeUtil.java
+++ b/src/main/java/org/cobbzilla/util/time/TimeUtil.java
@@ -76,7 +76,7 @@ public class TimeUtil {
     }
 
     public static Long parseISO8601(String val) { return DATE_FORMAT_ISO_8601.parseMillis(val); }
-    public static String formatISO8601(long val) { return DATE_FORMAT_ISO_8601.print(val); }
+    public static String formatISO8601(long val) { return new DateTime(val).toString(); }
 
     public static Long parseWithLocale(String val, String locale) {
         for (DateTimeFormatter f : DATE_TIME_FORMATS) {