Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://mail.python.org/pipermail/python-dev/2011-May/111732.html below:

[Python-Dev] Sniffing passwords from PyPI using insecure connection

• Previous message: [Python-Dev] Sniffing passwords from PyPI using insecure connection
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 5/31/2011 1:04 PM, anatoly techtonik wrote:
> Hi,
>
> I'd like to escalate http://bugs.python.org/issue12226 : 'use secured
> channel for uploading packages to pypi' to be shipped with next Python
> 2.6+
> This will prevent pydotorg password sniffing when submitting packages
> through public networks (such as hotels).

The requested one character change is
-    DEFAULT_REPOSITORY = 'http://pypi.python.org/pypi'
+    DEFAULT_REPOSITORY = 'https://pypi.python.org/pypi'

If Tarek (or perhaps Eric) agree that it is appropriate and otherwise 
innocuous, then Martin and Barry can decide whether to include in 2.5/2.6.

Terry Jan Reedy

• Previous message: [Python-Dev] Sniffing passwords from PyPI using insecure connection
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4