[Python-Dev] RFC: Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7 (original) (raw)

Antoine Pitrou solipsis at pitrou.net
Thu Jun 1 06🔞12 EDT 2017

• Previous message (by thread): [Python-Dev] RFC: Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7
• Next message (by thread): [Python-Dev] RFC: Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 1 Jun 2017 20:05:48 +1000 Chris Angelico <rosuav at gmail.com> wrote:

As stated in this thread, OS-provided certificates are not handled by that. For instance, if a local administrator distributes a self-signed cert for the intranet server, web browsers will use it, but pip will not.

That's true. But:

1. pip could grow a config entry to set an alternative or additional CA path
2. it is not a "security fix", as not being able to recognize privately-signed certificates is not a security breach. It's a new feature

Regards

Antoine.

• Previous message (by thread): [Python-Dev] RFC: Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7
• Next message (by thread): [Python-Dev] RFC: Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Python-Dev mailing list