On Mon, 3 Jun 2013 12:43:32 -0400 Donald Stufft <don...@stufft.io> wrote: > > On Jun 3, 2013, at 5:51 AM, Antoine Pitrou <solip...@pitrou.net> wrote: > > > On Mon, 3 Jun 2013 21:37:10 +1200 > > Ben Hoyt <benh...@gmail.com> wrote: > >> > >> I'm not familiar with Unix/Linux, but on Windows, if it's anything > >> like mimetypes it'll be really hard to get consistent behaviour across > >> different boxes/versions from the registry, or wherever certs might be > >> stored on Windows. I'd much rather have a slightly outdated but > >> consistent experience by default. > > > > The problem with a "slightly outdated" CA store is that it can be a > > security risk. > > > > Regards > > > > Antoine. > > > > > > _______________________________________________ > > Python-Dev mailing list > > Python-Dev@python.org > > http://mail.python.org/mailman/listinfo/python-dev > > Unsubscribe: > > http://mail.python.org/mailman/options/python-dev/donald%40stufft.io > > Tracking the Mozilla store isn't difficult. New additions can be ignored for > currently released Pythons so we'd just need to watch them for blacklisting > certs and roll that into a security update.
Let's see if our security release managers want to do that job. Regards Antoine. _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
