[Bug 2440334] New: Review Request: python-truststore - Verify certificates using native system trust stores

[bugzilla via package-review]

https://bugzilla.redhat.com/show_bug.cgi?id=2440334

            Bug ID: 2440334
           Summary: Review Request: python-truststore - Verify
                    certificates using native system trust stores
           Product: Fedora
           Version: rawhide
                OS: Linux
            Status: NEW
         Component: Package Review
          Severity: medium
          Assignee: nob...@fedoraproject.org
          Reporter: benson_mu...@emailplus.org
        QA Contact: extras...@fedoraproject.org
                CC: package-review@lists.fedoraproject.org
  Target Milestone: ---
    Classification: Fedora



spec: https://fed500.fedorapeople.org/python-truststore.spec
srpm: https://fed500.fedorapeople.org/python-truststore-0.10.1-1.fc43.src.rpm

description:
Truststore is a library which exposes native system certificate stores
(ie "trust stores") through an ssl.SSLContext-like API. This means that
Python applications no longer need to rely on certifi as a root certificate
store. Native system certificate stores have many helpful features compared
to a static certificate bundle like certifi:

- Automatically update certificates as new CAs are created and removed
- Fetch missing intermediate certificates
- Check certificates against certificate revocation lists (CRLs) to avoid
  monster-in-the-middle (MITM) attacks
- Managed per-system rather than per-application by a operations/IT team
- PyPI is no longer a CA distribution channel

Right now truststore is a stand-alone library that can be installed globally in
your application to immediately take advantage of the benefits in Python 3.10+.
Truststore has also been integrated into pip 24.2+ as the default method for
verifying HTTPS certificates (with a fallback to certifi).

fas: fed500

Reproducible: Always


-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
https://bugzilla.redhat.com/show_bug.cgi?id=2440334

Report this comment as SPAM: 
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202440334%23c0

-- 
_______________________________________________
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/package-review@lists.fedoraproject.org
Do not reply to spam, report it: 
https://forge.fedoraproject.org/infra/tickets/issues/new