Hi there,

First off thanks for all the work in building this - crypto is a PITA.

After reading your docs, I had the following questions, which I think would be useful to cover (or clarify) for other people in the docs:

1. Have any cryptographers reviewed this library? If so who - were they internal or a hired 3rd party - which part(s) did they review? Your docs appear to be asking for a

TimestampSigner uses int(time.time()) to create timestamps, which will use the local timezone. However, it uses datetime.utcfromtimestamp to convert them into datetime objects, which will create naive datetime objects by interpreting the timestamp in the UTC timezone.

The fix should be to always write UTC timestamps. See [this StackOverflow question](https://stackoverflow.com/questions/

We should give useful debugging information for all of the fail states. Lack of comment match support results in fwknopd closing without a lot of useful output. We should either do better than the short warning about comment match, or add a more verbose output when fwknopd closes, in order to better inform the user what went wrong.

Currently XChaCha20 (with IETF ChaCha20) is tested directly with only one RFC test vector. Other than that, it's tested implicitly through XChaCha20Poly1305.

Like HChaCha20 is tested using [test vectors generated with Monocypher](https://gith

If calling decrypt on invalid data, such as this JSON string:

Each value should be checked (including encrypt/decrypt type) to make sure they're valid.

Commit 34c7af224c5b5fab6d89cd27bc82a43ad13c1985 changed the fields of S3Request and even what is sematically possible (no more unbounded "seconds to expiration" in requests). We need to fix the example and, if possible with the S3 api, re-work the request data structure to once again allow more flexibility in the signed URL timeframes.