> -----Original Message----- > From: Python-Dev [mailto:python-dev- > bounces+kristjan=ccpgames....@python.org] On Behalf Of Nick Coghlan > Sent: Wednesday, January 22, 2014 19:45 > To: Paul Moore > Cc: Python-Dev > Subject: Re: [Python-Dev] Enable Hostname and Certificate Chain Validation > Right, the browsers have a whole system of "click through" security to make > the web (and corporate intranets!) still usable even when they only accept > CA signed certs by default. With a programming language, there's no such > interactivity, so applications just break and users don't know why. >
If not already possible, I suggest that we allow the use of a certificate validation callback (it isn't possible for 2.7, I just hacked in one yesterday to allow me to ignore out-date-failure for certificates.) Using this, it would be possible to e.g. emit warnings when certificiate failures occur, rather than deny connection outright. K _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com