Donald Stufft <donald <at> stufft.io> writes: > > > > Just a follow up. > - OAuth is busted > > > These two issues existed prior to the migration as far as I can tell.
Correct. We've discussed Oauth in IRC and this ticket has existed since late last year: - https://bitbucket.org/pypa/pypi/issue/85/oauth-authorise-not-found-https-must-be I'm bringing it up now because I'm still interested in seeing it fixed. IIUC MvL correctly, it happened around the time of the CDN switch. In any event, there is a portion of traffic going to/from PyPI unencrypted and PyPI needs it to be encrypted. This leads to the confusing error message when trying to do OAuth over "https". You talk https to the end point, and the end point (seemingly) responds "I need this to be https". _______________________________________________ Distutils-SIG maillist - [email protected] https://mail.python.org/mailman/listinfo/distutils-sig
