Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://mail.python.org/pipermail/python-dev/2014-August/136085.html below:

Enabling certificate validation by default!

• Previous message: [Python-Dev] PEP 476: Enabling certificate validation by default!
• Next message: [Python-Dev] PEP 476: Enabling certificate validation by default!
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 31 August 2014 18:29, Antoine Pitrou <antoine at python.org> wrote:
> If an application has special needs that require trusting a self-signed
> certificate, then it should expose a configuration setting to let users
> specify the cert's location.

I can't see how that would be something the application would know.
For example, pip allows me to specify an "alternate cert bundle" but
not a single additional cert. So IIUC, I can't use my local index that
serves https using a self-signed cert. I'd find it hard to argue that
it's pip's responsibility to think of that use case - pretty much any
program that interacts with a web service *might* need to interact
with a self-signed dummy version, if only under test conditions.

Or did you mean that Python should provide such a setting that would
cover all applications written in Python?

Paul

• Previous message: [Python-Dev] PEP 476: Enabling certificate validation by default!
• Next message: [Python-Dev] PEP 476: Enabling certificate validation by default!
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4