[Python-Dev] PEP 476: Enabling certificate validation by default! (original) (raw)
Nick Coghlan ncoghlan at gmail.com
Wed Sep 3 00:12:16 CEST 2014
- Previous message: [Python-Dev] PEP 476: Enabling certificate validation by default!
- Next message: [Python-Dev] PEP 476: Enabling certificate validation by default!
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 1 Sep 2014 16:05, "Nick Coghlan" <ncoghlan at gmail.com> wrote:
The final change would be to seed the context factory map appropriately for the standard library modules where we wanted to keep the old default: for modname in ("nntplib", "poplib", "imaplib", "ftplib", "smtplib", "asyncio.selectorevents", "urllib.request", "http.client"): namedcontexts[modname] = createlegacycontext The list I have above is for all current uses of "sss.createstdlibcontext". The backwards incompatible part of PEP 476 would then just be about removing names from that list (currently just "http.client", but I'd suggest "asyncio.selectorevents" as another candidate, taking advantage of asyncio's provisional API status).
Update on this: Christian & I both like the SSL named context and customisation idea independently of the proposal to change the default behaviour, so we're going to write it up as a separate PEP.
Changing the default behaviour would then be reduced to a proposal to take a couple of module names off the "uses legacy SSL settings" list.
Cheers, Nick. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20140903/dee879dd/attachment.html>
- Previous message: [Python-Dev] PEP 476: Enabling certificate validation by default!
- Next message: [Python-Dev] PEP 476: Enabling certificate validation by default!
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]