[Cryptography-dev] x509 Certificate Validation
Paul Kehrer
paul.l.kehrer at gmail.com
Thu Nov 29 18:52:13 EST 2018
I'd recommend using pyOpenSSL in the short term (at this point it is a good
choice for TLS and cert validation since those are two things cryptography
does not do). For single cert key verification only it's easy to implement
that with what is available in cryptography now, but chain validation is a
much more complex problem. We do have some code for eventually doing
validation, but no timeline on when it might get finished.
-Paul
On November 30, 2018 at 1:16:38 AM, Jeff Ortel (jortel at redhat.com) wrote:
Hello, our project needs a python lib to validate that a client
certificate has been signed by a specific CA. Looking at the
cryptography package, it does not seem support this. Any
recommendations on how to proceed in the short term?
Thanks,
Jeff
[1] https://github.com/pyca/cryptography/issues/2381
_______________________________________________
Cryptography-dev mailing list
Cryptography-dev at python.org
https://mail.python.org/mailman/listinfo/cryptography-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/cryptography-dev/attachments/20181129/2bd006eb/attachment.html>
More information about the Cryptography-dev
mailing list