[Python-Dev] PEP476: Enabling certificate validation by default (original) (raw)

Guido van Rossum guido at python.org
Sat Sep 20 00:06:27 CEST 2014

The PEP doesn't specify any of the API changes for Python 2.7. I feel it is necessary for the PEP to show a few typical code snippets using urllib in Python 2.7 and how one would modify these in order to disable the cert checking.

There are also a few typos; especially this paragraph puzzled me:

This will be acheived by adding a new ssl._create_default_https_context function, which is the same as ssl.create_default. http.client can then replace it's usage of ssl._create_stdlib_context with the new ssl._create_default_https_context.

(1) spelling: it's achieved, not achieved

(2) method name: it's ssl.create_default_context, not ssl.create_default

(3) There's not enough whitespace (in the rendered HTML on legacy.python.org) before http.client -- I kept reading it as "... which is the same as ssl.create_default.http.client ..."

(4) There's no mention of the Python 2 equivalent of http.client.

Finally, it's kind of non-obvious in the PEP that this affects Python 2.7.X (I guess the one after the next) as well as 3.4 and 3.5.

On Fri, Sep 19, 2014 at 9:53 AM, Alex Gaynor <alex.gaynor at gmail.com> wrote:

Hi all,

I've just updated the PEP to reflect the API suggestions from Nick, and the fact that the necessary changes to urllib were landed. I think this is ready for pronouncement, Guido? Cheers, Alex

Python-Dev mailing list Python-Dev at python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/guido%40python.org

-- --Guido van Rossum (python.org/~guido) -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20140919/a83f8bab/attachment-0001.html>

More information about the Python-Dev mailing list