Marc-Andre Lemburg added the comment: Those are nice ideas, but you are forgetting two important points:
* browsers are typically only being used by single users, applications by potentially hundreds or thousands of users * how should the poor sys admin who's task it is to keep Python up to date know which SSL certs to add to the trust store ? E.g. assume your application fetches user comments for sentiment analysis from a few thousand sites, or gathers status updates from a few hundred routers and switches you have installed at your site, or even more difficult: an application which tries to map your IT world of a few thousand network nodes, scanning port 443 for useful information. For eGenix PyRun we have now implemented an env var PYRUN_HTTPSVERIFY which can be set to 0 to disable the checks and revert back to Python 2.7.8 standards, if necessary, on a per process basis. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue23857> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
