[Cryptography-dev] Certificate Chain Verification
Benn Bollay
benn.bollay at gmail.com
Thu Oct 29 18:40:20 EDT 2015
Ouch, that's a bummer of a response.
What's the alternative for me before this code gets sorted? Convert the
x509 and public_key to PEM and cross-load them into, I dunno, pyOpenSSL or
m2crypto or something else? (suggestions welcome).
Cheers,
--B
On Thu, Oct 29, 2015 at 1:22 PM, Peter Hamilton <
peter.allen.hamilton at gmail.com> wrote:
> Hi Benn,
>
> I'm still new to the cryptography community but I am currently working on
> adding a certificate validation feature that will do just this. I'm hoping
> to get the code up for it soon. Right now, I believe you would need to
> manually check the signer names, the signatures, and validity dates
> yourself to verify the whole chain. See the following pull request for a
> little more information:
>
> https://github.com/pyca/cryptography/pull/2387
>
> Cheers,
> Peter
>
> On Thu, Oct 29, 2015 at 3:58 PM, Benn Bollay <benn.bollay at gmail.com>
> wrote:
>
>> Hello folks -
>>
>> Given a set of certificates, I'd like to verify that the chain is
>> cryptographically correct, all of the certificates are chronologically
>> valid, and so forth.
>>
>> Cheers,
>> --B
>>
>> _______________________________________________
>> Cryptography-dev mailing list
>> Cryptography-dev at python.org
>> https://mail.python.org/mailman/listinfo/cryptography-dev
>>
>>
>
> _______________________________________________
> Cryptography-dev mailing list
> Cryptography-dev at python.org
> https://mail.python.org/mailman/listinfo/cryptography-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/cryptography-dev/attachments/20151029/79c3ae6c/attachment.html>
More information about the Cryptography-dev
mailing list