On Fri, 29 Aug 2014 17:42:34 -0400 "R. David Murray" <rdmur...@bitdance.com> wrote: > > Especially if you want an accelerated change, there must be a way to > *easily* get back to the previous behavior, or we are going to catch a > lot of flack. There may be only 7% of public certs that are problematic, > but I'd be willing to bet you that there are more not-really-public ones > that are critical to day to day operations *somewhere* :)
Actually, by construction, there are certs which will always fail verification, for example because they are embedded in telco equipments which don't have a predefined hostname or IP address. (I have encountered some of those) Regards Antoine. _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
