[Python-Dev] Enable Hostname and Certificate Chain Validation
Christian Heimes
christian at python.org
Wed Jan 22 14:29:04 CET 2014
More information about the Python-Dev mailing list
Wed Jan 22 14:29:04 CET 2014
- Previous message: [Python-Dev] Enable Hostname and Certificate Chain Validation
- Next message: [Python-Dev] Enable Hostname and Certificate Chain Validation
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 22.01.2014 12:45, Nick Coghlan wrote: > We also have to account for the fact that an awful lot of Python > applications are corporate ones relying on perimeter defence for > security, or private CAs, or just self-signed certificates that their > users have already accepted. There are limits to the amount of > backwards incompatible change users will tolerate, and at this point > in time we're still trying to get people to accept proper Unicode > support. Side note: Users can simple add self-signed certs to OpenSSL's cert store and get validation for free. It's possible to do that with an environment variable, too. But I recommend against the environment variable because you may overwrite to operating store. Christian
- Previous message: [Python-Dev] Enable Hostname and Certificate Chain Validation
- Next message: [Python-Dev] Enable Hostname and Certificate Chain Validation
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-Dev mailing list