I'd recommend using pyOpenSSL in the short term (at this point it is a good choice for TLS and cert validation since those are two things cryptography does not do). For single cert key verification only it's easy to implement that with what is available in cryptography now, but chain validation is a much more complex problem. We do have some code for eventually doing validation, but no timeline on when it might get finished.
-Paul On November 30, 2018 at 1:16:38 AM, Jeff Ortel (jor...@redhat.com) wrote: Hello, our project needs a python lib to validate that a client certificate has been signed by a specific CA. Looking at the cryptography package, it does not seem support this. Any recommendations on how to proceed in the short term? Thanks, Jeff [1] https://github.com/pyca/cryptography/issues/2381 _______________________________________________ Cryptography-dev mailing list Cryptography-dev@python.org https://mail.python.org/mailman/listinfo/cryptography-dev
_______________________________________________ Cryptography-dev mailing list Cryptography-dev@python.org https://mail.python.org/mailman/listinfo/cryptography-dev
