You should ask Glyph too. He supplied lots of useful info about cert checking on the python-tulip list.
On Sat, Oct 19, 2013 at 7:14 AM, Nick Coghlan <ncogh...@gmail.com> wrote: > On 19 October 2013 22:44, Christian Heimes <christ...@python.org> wrote: > > Am 19.10.2013 00:56, schrieb Guido van Rossum: > > A couple of months I had a long and fruitful discussion with MAL about > > the issue. Egenix PyOpenSSL installer comes with a root CA bundle. He > > tried a couple of approaches to handle trust settings with OpenSSL > > means. Eventually MAL had to split up the bundle into multiple files for > > each purpuse, see > > > http://www.egenix.com/company/news/eGenix-pyOpenSSL-Distribution-0.13.2.1.0.1.5.html > > > > We should *really* write a PEP about it, specify all details and get a > > proper review from real experts. This stuff is super complex and highly > > fragile. :( > > At the very least, it would be good if you and/or MAL could review the > cert verification in pip. PEP 453 makes that kinda important :) > > Cheers, > Nick. > > -- > Nick Coghlan | ncogh...@gmail.com | Brisbane, Australia > -- --Guido van Rossum (python.org/~guido)
_______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
