[Python-Dev] Looking for volunteers to test Tulip on Windows (original) (raw)
Guido van Rossum guido at python.org
Sat Oct 19 18:22:36 CEST 2013
- Previous message: [Python-Dev] pip SSL
- Next message: [Python-Dev] possibility of shaving a stat call from imports
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
You should ask Glyph too. He supplied lots of useful info about cert checking on the python-tulip list.
On Sat, Oct 19, 2013 at 7:14 AM, Nick Coghlan <ncoghlan at gmail.com> wrote:
On 19 October 2013 22:44, Christian Heimes <christian at python.org> wrote: > Am 19.10.2013 00:56, schrieb Guido van Rossum: > A couple of months I had a long and fruitful discussion with MAL about > the issue. Egenix PyOpenSSL installer comes with a root CA bundle. He > tried a couple of approaches to handle trust settings with OpenSSL > means. Eventually MAL had to split up the bundle into multiple files for > each purpuse, see > http://www.egenix.com/company/news/eGenix-pyOpenSSL-Distribution-0.13.2.1.0.1.5.html > > We should really write a PEP about it, specify all details and get a > proper review from real experts. This stuff is super complex and highly > fragile. :(
At the very least, it would be good if you and/or MAL could review the cert verification in pip. PEP 453 makes that kinda important :) Cheers, Nick. -- Nick Coghlan | ncoghlan at gmail.com | Brisbane, Australia
-- --Guido van Rossum (python.org/~guido) -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20131019/60f157af/attachment.html>
- Previous message: [Python-Dev] pip SSL
- Next message: [Python-Dev] possibility of shaving a stat call from imports
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]