Jonathan Vanasco

> These are all read-only (there is no `__setattr__`), so they would be better typed with `@property`, e.g. > > ``` > @property > def access_token(self) -> Any: ... >...

Thank you all for the review and fixing the Union + style changes. I'm copy/pasting between far too many windows and environments trying to handle this. After testing out the...

> Sorry for the lack of response here. At the minimum, a few changes are necessary to make CI pass. It might also be helpful to add test cases covering...

Yes. From what I’ve read, i think they ship two versions of OpenSSL, one with FIPS and one without it. It seems they package everything built against the version with...

We talked a bit about this on the LetsEncrypt forum. ISRG's Aaron Gable noted that @orangepizza's (IMHO brilliant) hack of discarding the first 4 bytes of the AKID extension could...

@orangepizza nice update. after some more back & forth with aaron gable regarding potential edge cases, i constructed a tool to build edge case certs. It seems the (likely) options...

> If there's functionality that's missing in cryptography to support this, please let me know! A bit off topic, but may be relevant to all in this thread: I just...

> if code believes... I have a low-cost "ensure_chain" that iterates the chain to matches subject/issuers, etc; it could check the keys as well. I just like testing the full...

@orangepizza I think your RFC parsing issues may have been due to testing against Pebble, which is using nanoseconds of precision in time. While go supports nanoseconds, Python does not....

> pebble currently doesn't have way to modify ARI result without revoking it: I may need to hack pebble ocsp server to return good for dedicated domains to make a...