[Python-Dev] Simplify and unify SSL verification
Barry Warsaw
barry at python.org
Fri Nov 8 00:09:40 CET 2013
More information about the Python-Dev mailing list
Fri Nov 8 00:09:40 CET 2013
- Previous message: [Python-Dev] Simplify and unify SSL verification
- Next message: [Python-Dev] Simplify and unify SSL verification
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Nov 07, 2013, at 10:42 PM, Christian Heimes wrote: >You misunderstood me. I'm not proposing a global SSLContext object but a >factory function that creates a context for Python stdlib modules. Right >now every urllib, http.client, nntplib, asyncio, ftplib, poplib and >imaplib have duplicated code. I'd like to have ONE function that creates >and configures a SSLContext object with sensible default values for >Python stdlib. I'm sure you're considering this, but I want to explicitly preserve the ability to register self-signed certificates. It's often necessary in practice, but very useful for testing purposes. ssl.SSLContext.load_cert_chain() is the way to do this, but will this be exposed in your proposed factory function? If not, then I think it's critically important that whatever API is exposed in the client code not hide the SSLContext object, such that clients of the client code can load up those self-signed certificates after the context has been created. -Barry
- Previous message: [Python-Dev] Simplify and unify SSL verification
- Next message: [Python-Dev] Simplify and unify SSL verification
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-Dev mailing list