On 08/29/2014 01:00 PM, M.-A. Lemburg wrote: > On 29.08.2014 21:47, Alex Gaynor wrote: >> >> I've just submitted PEP 476, on enabling certificate validation by default for >> HTTPS clients in Python. Please have a look and let me know what you think. > > Thanks for the PEP. I think this is generally a good idea, > but some important parts are missing from the PEP: > > * transition plan: > > I think starting with warnings in Python 3.5 and going > for exceptions in 3.6 would make a good transition > > Going straight for exceptions in 3.5 is not in line with > our normal procedures for backwards incompatible changes. > > * configuration: > > It would be good to be able to switch this on or off > without having to change the code, e.g. via a command > line switch and environment variable; perhaps even > controlling whether or not to raise an exception or > warning. > > * choice of trusted certificate: > > Instead of hard wiring using the system CA roots into > Python it would be good to just make this default and > permit the user to point Python to a different set of > CA roots. > > This would enable using self signed certs more easily. > Since these are often used for tests, demos and education, > I think it's important to allow having more control of > the trusted certs. +1 for PEP with above changes. -- ~Ethan~
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4