I think if you check the issue tracker, there's already a patch for this somewhere, IIRC.
Bill Devin Cook <devin.c.c...@gmail.com> wrote: > Ok, thanks for all the feedback. Just for clarity, I'll summarize > everything as I understand it: > > * OpenSSL does the all validation of the certificate itself. > (http://openssl.org/docs/apps/verify.html) > * httplib should have a way to enable validation of the certificate. > * httplib should have a way to enable checking of the reference > identity. (that complies with section 3 of this draft: > http://tools.ietf.org/html/draft-saintandre-tls-server-id-check-00) > * The reference identity checking (and cert validation, I assume) > shouldn't be automatic. (per Bill) > > Does that sound about right? I'll try to work up a patch tonight > implementing this. > > -Devin _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
