[Python-Dev] Let's make the SSL module sane
Antoine Pitrou
solipsis at pitrou.net
Mon Sep 12 08:01:15 EDT 2016
More information about the Python-Dev mailing list
Mon Sep 12 08:01:15 EDT 2016
- Previous message (by thread): [Python-Dev] Let's make the SSL module sane
- Next message (by thread): [Python-Dev] Let's make the SSL module sane
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sat, 10 Sep 2016 20:23:13 +0200 Christian Heimes <christian at python.org> wrote: > > It's a bit too clever and tricky for my taste. I prefer 'explicit is > better than implicit' for trust anchors. My main concern are secure > default settings. A SSLContext should be secure w/o further settings in > order to prevent developers to shoot themselves in the knee. > > Missing root certs are not a direct security issue with CERT_REQUIRED. > The connection will simply fail. I'd rather improve the error message > than to auto-load certs. Agreed with all this. You don't want to have "magic" behaviour in a security-oriented module. Let people configure their contexts explicitly. As a reminder, people who don't want to configure TLS themselves should use an intermediate layer instead, such as ssl.create_default_context() or an application protocol implementation (httplib, etc.). Regards Antoine.
- Previous message (by thread): [Python-Dev] Let's make the SSL module sane
- Next message (by thread): [Python-Dev] Let's make the SSL module sane
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-Dev mailing list