Description
A Haskell library for validating X.509 certificates and certificate revocation lists. It helps software decide whether a certificate chain is valid for a hostname, trust store, time, and policy context.
Developers use it in TLS and PKI code where certificate trust must be checked correctly. Validation mistakes can allow impersonation, so hostname checks, revocation handling, time checks, and trust anchors matter.