[Python-Dev] PEP 476: Enabling certificate validation by default! (original) (raw)

Ethan Furman ethan at stoneleaf.us
Wed Sep 3 19:29:42 CEST 2014

• Previous message: [Python-Dev] PEP 476: Enabling certificate validation by default!
• Next message: [Python-Dev] PEP 476: Enabling certificate validation by default!
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 09/03/2014 10:15 AM, Alex Gaynor wrote:

Ethan Furman writes:

I apologize if I missed this point, but if we have the source code then it is possible to go in and directly modify the application/utility to be able to talk over https to a router with an invalid certificate? This is an option when creating the sslcontext? Yes, it's totally possible to create (and pass to http.client) an SSLContext which doesn't verify various things. My proposal is only about changing what happens when you don't explicitly pass a context.

Excellent. Last question (I hope): it is possible to (easily) create an SSLContext that will verify against a self-signed certificate?

-- Ethan

• Previous message: [Python-Dev] PEP 476: Enabling certificate validation by default!
• Next message: [Python-Dev] PEP 476: Enabling certificate validation by default!
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Python-Dev mailing list