On 4 Sep 2014 06:39, "Alex Gaynor" <alex.gay...@gmail.com> wrote: > > Guido van Rossum <guido <at> python.org> writes: > > > OK, that changes my position for 2.7 (but not for 3.5). I had assumed there > > was a way to disable the cert check by changing one parameter to the > > urlopen() call. (And I had wanted to add that there should be a clear FAQ > > about the subject.) If this isn't possible that changes the situation. (But I > > still think that once we do have that simple change option we should do it, > > in a later 2.7 upgrade.) I apologize for speaking before I had read all > > facts, and I'll await what you and Nick come up with. > > --Guido > > This probably doesn't surprise anyone, but I'm more than happy to do the back- > porting work for httplib, and any other modules which need SSLContext support; > does this require an additional PEP, or does it fit under PEP466 or PEP476?
I suggest writing up a separate PEP for 2.7 that covers exactly what would need to be backported in order to make the same HTTPS handling change in Python 2. For 476, I suggest taking my list of modules that call "_create_stdlib_cert" and being completely explicit as to which ones are *not* changing (as that will help clarify the scope of the backport proposal). I learned that lesson with PEP 453 - it's well worth making the Python 3 PEP easier to accept by making it independent of the inevitably more controversial Python 2 backport PEP :) Cheers, Nick. > > Alex > > _______________________________________________ > Python-Dev mailing list > Python-Dev@python.org > https://mail.python.org/mailman/listinfo/python-dev > Unsubscribe: https://mail.python.org/mailman/options/python-dev/ncoghlan%40gmail.com
_______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
