[Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython)
Barry Warsaw
barry at python.org
Mon Jun 3 18:36:36 CEST 2013
More information about the Python-Dev mailing list
Mon Jun 3 18:36:36 CEST 2013
- Previous message: [Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython)
- Next message: [Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Jun 03, 2013, at 01:20 AM, Donald Stufft wrote: >So I would like to propose that CPython adopt the Mozilla SSL certificate >list and include it in core, and switch over the API's so that they verify >HTTPS by default. This is what most people are going to expect when using a >https url (Especially after learning that Python 2.x doesn't verify TLS, but >Python 3.x "does"). For the "verify HTTPS by default", do you mean specifically changing the cadefault argument to urllib.request.urlopen() to True? Note that I recently closed a bug related to this: http://bugs.python.org/issue17977 +1 for changing the default to True. -Barry -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: not available URL: <http://mail.python.org/pipermail/python-dev/attachments/20130603/8fb02bfe/attachment.pgp>
- Previous message: [Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython)
- Next message: [Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-Dev mailing list