On 8 May 2015 6:52 pm, "M.-A. Lemburg" <m...@egenix.com> wrote: > > On 07.05.2015 04:30, Nick Coghlan wrote: > >> Can we please make the monkeypatch a regular part of Python's > >> site.py which can enabled via an environment variable, say > >> export PYTHONHTTPSVERIFY=0. > >> > >> See http://bugs.python.org/issue23857 for the discussion. > > ... > > I actually do think it would be good to have such a feature as a > > native part of Python 2.7 in order to provide a nicer "revert to the > > pre-PEP-476 behaviour" experience for Python 2.7 users (leaving the > > "there's no easy way to turn HTTPS certificate verification off > > globally" state of affairs to Python 3), but I don't currently have > > the time available to push for that against the "end users can't be > > trusted not to turn certificate verification off when they should be > > fixing their certificate management instead" perspective. > > We're currently working on a new release of eGenix PyRun and this > will include Python 2.7.9. > > We do want to add such an env switch to disable the cert verification, > so would like to know whether we can use PYTHONHTTPSVERIFY for this > or not.
That's a slightly misleading quotation of my post, as I'm opposed to the use of an environment variable for this, due to the fact that using the "-E" switch will then revert to the upstream default behaviour of verifying certificates, rather defeating the point of introducing the legacy infrastructure compatibility feature in the first place. A new informational PEP akin to PEP 394 that defines a config file location & contents for downstream redistributors that need a smoother transition plan for PEP 476 will let us handle this in a consistent way across redistributors that's also compatible with runtime use of the -E switch. Cheers, Nick. > > We mainly need this to reenable simple use of self-signed certificates > which 2.7.9 disables. > > -- > Marc-Andre Lemburg > eGenix.com > > Professional Python Services directly from the Source (#1, May 08 2015) > >>> Python Projects, Coaching and Consulting ... http://www.egenix.com/ > >>> mxODBC Plone/Zope Database Adapter ... http://zope.egenix.com/ > >>> mxODBC, mxDateTime, mxTextTools ... http://python.egenix.com/ > ________________________________________________________________________ > > ::::: Try our mxODBC.Connect Python Database Interface for free ! :::::: > > eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48 > D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg > Registered at Amtsgericht Duesseldorf: HRB 46611 > http://www.egenix.com/company/contact/
_______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
