[Python-Dev] Enable Hostname and Certificate Chain Validation
Antoine Pitrou
solipsis at pitrou.net
Wed Jan 22 17:07:46 CET 2014
More information about the Python-Dev mailing list
Wed Jan 22 17:07:46 CET 2014
- Previous message: [Python-Dev] Enable Hostname and Certificate Chain Validation
- Next message: [Python-Dev] Enable Hostname and Certificate Chain Validation
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Wed, 22 Jan 2014 08:12:06 -0700 Eric Snow <ericsnowcurrently at gmail.com> wrote: > On Jan 22, 2014 6:17 AM, "M.-A. Lemburg" <mal at egenix.com> wrote: > > Using an environment switch the extra checks could even be enabled > > without any code changes. > > When Donald brought this up it sounded good. It still does. This is > similar to what we did for hash randomization. The comparison is baseless. Hash randomization is a language feature that can only be enabled at interpreter startup, and is at best a per-application decision. SSL settings, on the other hand, have to be decided per-client endpoint, not per-process, and they will depend on the external service you connect to rather than the way your code is written. I'm -1 on adding env vars because we can't agree on SSL configuration options. Regards Antoine.
- Previous message: [Python-Dev] Enable Hostname and Certificate Chain Validation
- Next message: [Python-Dev] Enable Hostname and Certificate Chain Validation
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-Dev mailing list