On Nov 07, 2013, at 10:42 PM, Christian Heimes wrote: >You misunderstood me. I'm not proposing a global SSLContext object but a >factory function that creates a context for Python stdlib modules. Right >now every urllib, http.client, nntplib, asyncio, ftplib, poplib and >imaplib have duplicated code. I'd like to have ONE function that creates >and configures a SSLContext object with sensible default values for >Python stdlib. I'm sure you're considering this, but I want to explicitly preserve the ability to register self-signed certificates. It's often necessary in practice, but very useful for testing purposes. ssl.SSLContext.load_cert_chain() is the way to do this, but will this be exposed in your proposed factory function? If not, then I think it's critically important that whatever API is exposed in the client code not hide the SSLContext object, such that clients of the client code can load up those self-signed certificates after the context has been created. -Barry
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4