Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://mail.python.org/pipermail/python-dev/2013-June/126704.html below:

[Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython)

• Previous message: [Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython)
• Next message: [Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 06/03/2013 11:34 AM, Antoine Pitrou wrote:
> On Mon, 3 Jun 2013 14:12:34 -0400
> Donald Stufft wrote:
>>
>> I worry with the current situation people will just use TLS connections without realizing it's not being verified and thinking they are "safe".
>
> Yet there's quite a visible warning in the docs:
> http://docs.python.org/dev/library/urllib.request.html

As has been been mentioned elsewhere, at the very least we should change cadefault to True for secure-type connections. 
  The dangerous/unexpected behavior should not be the default.

--
~Ethan~

• Previous message: [Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython)
• Next message: [Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4