[Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython) (original) (raw)
Barry Warsaw barry at python.org
Mon Jun 3 18:52:00 CEST 2013
- Previous message: [Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython)
- Next message: [Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Jun 03, 2013, at 03:12 AM, Donald Stufft wrote:
That's fine with me too. My only reason for wanting to use the system certs first is so if someone has modified their system certs (say to include a corporate cert) that it would ideally take affect for Python as well.
This reminds me of one other thing. We have to make sure that the APIs (e.g urlopen()) continue to allow us to use self-signed certificates, if for no other reason than for testing purposes. OTOH, taking this away would be a backward incompatible change in API so probably wouldn't happen anyway.
-Barry -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: not available URL: <http://mail.python.org/pipermail/python-dev/attachments/20130603/d930edbe/attachment.pgp>
- Previous message: [Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython)
- Next message: [Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]