Paul Kehrer

What version of openssl? I can parse CT Precertificate SCTs with 1.0.2, but it's possible your pyopenssl isn't linked against that. To test you can run: ``` python -c "import...

Hmm, I'm not sure why you're having problems then. I believe `x509 -text` uses the same `X509V3_EXT_print` function we're calling, but maybe I'm mistaken?

`SSL_CTX_set1_sigalgs_list` is already bound (in `cryptography`, which pyOpenSSL uses), so you can submit a PR that adds a function calling it in pyOpenSSL without any additional work.

That attitude is extremely unproductive. As always, please try to remember that these are open source projects and someone has to actually do the work to fully understand the problem...

If there's a reliable reduced test case that reproduces this that's the next step in determining how to fix/work around the issue.

Unfortunately the issue here is that these errors don't reproduce with arbitrary Python on M1. I just tested that on my M1 Max running 3.10 from pyenv and had no...

@orosam thats another PR that needs rebasing sadly. 😬

On x86 (not x86_64) `time_t` is defined as a 32-bit value. Unfortunately this means verification past int32 max won't work. OpenSSL may have other APIs for this, but someone will...

If we're going to re-add examples we need a way to have them run in CI to prevent the bitrot we saw in past years. CI is also failing because...

This looks like we should have a convesration about a PKCS7 verification API on the `cryptography` side. In general most active development occurs with `cryptography` and over the years we've...