[Python-Dev] Request for pronouncement on PEP 493 (HTTPS verification backport guidance) (original) (raw)

Barry Warsaw barry at python.org
Mon Nov 30 15:32:30 EST 2015

On Nov 27, 2015, at 04:04 PM, Nick Coghlan wrote:

New draft pushed: https://hg.python.org/peps/rev/f602a47ea795

This is a significant rewrite that switches the PEP to a Standards Track PEP proposing two new features for 2.7.12+: an "ssl.verifyhttpscertificates()" configuration function, and a "PYTHONHTTPSVERIFY" environment variable (although writing them together like that makes me wonder if the latter should now be "PYTHONVERIFYHTTPS" instead).

Thanks for this, and +1 on Stephen's suggested name change (which you've already pushed).

Two comments: the PEP still describes the configuration file implementation. Is this slated for 2.7.12 also? If not, should it just be dropped from the PEP?

I'd mildly prefer no default value for enable in _https_verify_certificates(). I'd have preferred a keyword-only argument, but of course this is Python 2. Instead, I'd like to force passing True or False (and document using enable=True or enable=False) and not rely on a default argument. But I'm only +0 on that detail.

Cheers, -Barry -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: <http://mail.python.org/pipermail/python-dev/attachments/20151130/32329a14/attachment.sig>

More information about the Python-Dev mailing list