[Python-Dev] Enable Hostname and Certificate Chain Validation (original) (raw)
Jesse Noller jnoller at gmail.com
Wed Jan 22 15:12:49 CET 2014
- Previous message: [Python-Dev] Enable Hostname and Certificate Chain Validation
- Next message: [Python-Dev] Enable Hostname and Certificate Chain Validation
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Jan 22, 2014, at 8:03 AM, Christian Heimes <christian at python.org> wrote:
On 22.01.2014 14:55, Donald Stufft wrote: As an additional side note, anecdotal evidence and what not, but every time I bring this up somewhere I get at least one reply that looks similar to https://twitter.com/ojiidotch/status/425986619879866368 Yeah :( The ssl module documentation http://docs.python.org/3/library/ssl.html features a big red warning box for a good reason.
And no one reads it. I can't count the number of times I've gotten called into a managers office when they find out python doesn't do cert validation by default (and in 2, it's not been trivial) and gotten told to fix it, or we move off of python.
Donald is perfectly right: every time you point out to users that this is the default behavior the response is almost universally "you can't be serious, is this a joke?"
Python-Dev mailing list Python-Dev at python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/jnoller%40gmail.com
- Previous message: [Python-Dev] Enable Hostname and Certificate Chain Validation
- Next message: [Python-Dev] Enable Hostname and Certificate Chain Validation
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]