On 22.01.2014 15:36, Donald Stufft wrote: > Last time I tried the reasoning was that Python couldn’t ship root certs > and we couldn’t get to the OS certs everywhere. Thanks to you this > is fixed now, so “once more unto the breach”.
The Windows situation is still not perfect, though. I'd love to use Chrome's approach and directly hook Windows' crypt32 API into OpenSSL verify function. That would trigger automatic retrieval of unknown root certs and CRL checks. _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
