Hi all, I was investigating how libcloud does it's TLS, in the wake of POODLE. Right now we're pretty much doing the whole pipeline ourselves, and I think this is a bit unfortunate: we're a cloud abstraction library, we really shouldn't be in the business of configuring cryptographic protocols!
Long term, I'd like to outsource our HTTPS handling entirely to something like requests. In the short term, I want to clean up various bits of this. For starters, I've put together a patch which replaces our implementation of TLS certificate verification with the stdlib one (using the backport package on PyPI): https://github.com/apache/libcloud/pull/374 What do folks think about this? Alex -- "I disapprove of what you say, but I will defend to the death your right to say it." -- Evelyn Beatrice Hall (summarizing Voltaire) "The people's good is the highest law." -- Cicero GPG Key fingerprint: 125F 5C67 DFE9 4084
