Donald Stufft <donald <at> stufft.io> writes: > > I would like to propose that a backwards incompatible change be > made to Python to make verification of hostname and certificate > chain the default instead of requiring it to be opt in.
I'm overwhelmingly, dramatically +1 on this. There's no good architectural reason to not use the built-in certificate chains by default. I'd like to be in favour of backporting this change to earlier Python versions as well, but it feels too aggressive, even to me. _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
