On Jun 03, 2013, at 01:20 AM, Donald Stufft wrote: >So I would like to propose that CPython adopt the Mozilla SSL certificate >list and include it in core, and switch over the API's so that they verify >HTTPS by default. This is what most people are going to expect when using a >https url (Especially after learning that Python 2.x doesn't verify TLS, but >Python 3.x "does").
For the "verify HTTPS by default", do you mean specifically changing the cadefault argument to urllib.request.urlopen() to True? Note that I recently closed a bug related to this: http://bugs.python.org/issue17977 +1 for changing the default to True. -Barry
signature.asc
Description: PGP signature
_______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
