Marshall Pierce

I would prefer to support all algorithms if you're OK with the necessary API changes, and `verify_with_spki` seems like a practical way to do that. I'll take a stab at...

1. Pulling over `verify_signature` that accepts a `SignatureAlgorithm` means pulling in all the static structs like `pub static ECDSA_P256_SHA256: SignatureAlgorithm`, which also means pulling in all the algorithms (`const ECDSA_P256:...

Sounds good. Sorry for the hand-holding; I'm new to rust (and these projects) and I'd rather get your suggestions early than late. I like the `spki` name -- it's more...

Hm, interesting. Maybe webpki really is a better home for this. I didn't even consider looking in webpki for this because in my head webpki was for validating x509 cert...

OK, I'll proceed with moving it to ring as in https://github.com/briansmith/ring/issues/370#issuecomment-266169221.

Beyond just trimming unused dependencies being a nice thing for simplicity, another motivation here is to avoid having to do security review on `minimal-lexical` and its liberal use of unsafe...

Thanks! I'll look at the CI issue; it's not related to your change.

Should be fixed upstream now; rebase or merge and it should pass.

Thanks!

I'm quite happy to rearrange APIs to have nice new features, but `unsafe` is going to be a pretty hard sell. It adds quite a burden on users who are...