[Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython) (original) (raw)

Antoine Pitrou solipsis at pitrou.net
Mon Jun 3 11:51:30 CEST 2013

• Previous message: [Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython)
• Next message: [Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 3 Jun 2013 21:37:10 +1200 Ben Hoyt <benhoyt at gmail.com> wrote:

I'm not familiar with Unix/Linux, but on Windows, if it's anything like mimetypes it'll be really hard to get consistent behaviour across different boxes/versions from the registry, or wherever certs might be stored on Windows. I'd much rather have a slightly outdated but consistent experience by default.

The problem with a "slightly outdated" CA store is that it can be a security risk.

Regards

Antoine.

• Previous message: [Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython)
• Next message: [Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Python-Dev mailing list