On Thu, Jun 17, 2010 at 10:49 AM, Antoine Pitrou wrote:
> On Tue, 15 Jun 2010 19:56:46 -0700
> John Nagle wrote:
>>
>> http://bugs.python.org/issue1589
> [...]
>>
>> The typical Python user will expect SSL checking for URL opening
>> to behave like a browser does. They won't be up to speed o
On Tue, 15 Jun 2010 19:56:46 -0700
John Nagle wrote:
>
> http://bugs.python.org/issue1589
[...]
>
> The typical Python user will expect SSL checking for URL opening
> to behave like a browser does. They won't be up to speed on the
> internal mechanics of X.509 certificates. The default cas
On 6/15/2010 1:27 PM, Antoine Pitrou wrote:
On Mon, 14 Jun 2010 19:47:49 +0100
Nobody wrote:
On Mon, 14 Jun 2010 10:43:02 -0700, John Nagle wrote:
The new SSL module in Python 2.6
There isn't an SSL module in Python 2.6. There is a module named "ssl"
which pretends to implement SSL, bu
On Tue, Jun 15, 2010 at 5:31 PM, Paul Rubin wrote:
> Terry Reedy writes:
>>> Could similar notifications be added to urllib, etc? That's where
>>> people really get bitten badly by this.
>>
>> If you have specific ideas, propose them on the tracker.
>
> urllib is basically a web client and as suc
Terry Reedy writes:
>> Could similar notifications be added to urllib, etc? That's where
>> people really get bitten badly by this.
>
> If you have specific ideas, propose them on the tracker.
urllib is basically a web client and as such it should act like a
browser, with a default certificate st
On 6/15/2010 5:14 PM, geremy condra wrote:
I have tried to put some effort into the py3k ssl docs, so that security
issues get mentioned:
http://docs.python.org/dev/py3k/library/ssl.html#security-considerations
Any improvement or correction is welcome.
Could similar notifications be added to u
On Tue, 15 Jun 2010 22:57:24 +0200, Antoine Pitrou wrote:
> Also, following issue1589 (certificate hostname checking), I think it
> would be useful at least to provide the necessary helper functions in
> order to check certificate conformity, even if they aren't called
> implicitly. I would encour
On Tue, 15 Jun 2010 14:14:08 -0700
geremy condra wrote:
> >
> > Ok, thank you.
> > I have tried to put some effort into the py3k ssl docs, so that security
> > issues get mentioned:
> > http://docs.python.org/dev/py3k/library/ssl.html#security-considerations
> > Any improvement or correction is we
On Tue, Jun 15, 2010 at 1:57 PM, Antoine Pitrou wrote:
>
> Hello,
>
>> He's describing the lack of hostname checking, discussed here[0],
>> here[1], and in my pycon lightning talk last year, wherever those
>> are kept.
>
> Ok, thank you.
> I have tried to put some effort into the py3k ssl docs, so
Hello,
> He's describing the lack of hostname checking, discussed here[0],
> here[1], and in my pycon lightning talk last year, wherever those
> are kept.
Ok, thank you.
I have tried to put some effort into the py3k ssl docs, so that security
issues get mentioned:
http://docs.python.org/dev/py3k
On Tue, Jun 15, 2010 at 1:27 PM, Antoine Pitrou wrote:
> On Mon, 14 Jun 2010 19:47:49 +0100
> Nobody wrote:
>> On Mon, 14 Jun 2010 10:43:02 -0700, John Nagle wrote:
>>
>> > The new SSL module in Python 2.6
>>
>> There isn't an SSL module in Python 2.6. There is a module named "ssl"
>> which p
On Mon, 14 Jun 2010 19:47:49 +0100
Nobody wrote:
> On Mon, 14 Jun 2010 10:43:02 -0700, John Nagle wrote:
>
> > The new SSL module in Python 2.6
>
> There isn't an SSL module in Python 2.6. There is a module named "ssl"
> which pretends to implement SSL, but in fact doesn't.
What do you mean
On 6/14/2010 11:58 AM, geremy condra wrote:
On Mon, Jun 14, 2010 at 11:47 AM, Nobody wrote:
On Mon, 14 Jun 2010 10:43:02 -0700, John Nagle wrote:
The new SSL module in Python 2.6
There isn't an SSL module in Python 2.6. There is a module named "ssl"
which pretends to implement SSL, but
On Mon, 14 Jun 2010 11:05:50 -0700
geremy condra wrote:
>
> Yes. Hashlib is designed to provide cryptographic hashes, and the ssl
> module to provide TLS support. Evpy provides encryption and signing.
> Am I answering your question?
Hmm, indeed, thank you. For some strange reason I had forgotten
On Mon, Jun 14, 2010 at 11:47 AM, Nobody wrote:
> On Mon, 14 Jun 2010 10:43:02 -0700, John Nagle wrote:
>
>> The new SSL module in Python 2.6
>
> There isn't an SSL module in Python 2.6. There is a module named "ssl"
> which pretends to implement SSL, but in fact doesn't.
>
>> is convenient, b
On Mon, 14 Jun 2010 10:43:02 -0700, John Nagle wrote:
> The new SSL module in Python 2.6
There isn't an SSL module in Python 2.6. There is a module named "ssl"
which pretends to implement SSL, but in fact doesn't.
> is convenient, but insecure.
In which case, it isn't actually convenient, i
On Mon, Jun 14, 2010 at 10:25 AM, Antoine Pitrou wrote:
> Le lundi 14 juin 2010 à 13:18 -0400, geremy condra a écrit :
>> >>
>> >> Evpy[1] is designed to be a very easy-to-use interface to OpenSSL,
>> >> although it is by design limited to doing things the right way, so it
>> >> may not meet your
On 6/13/2010 1:59 PM, Michael Crute wrote:
On Sun, Jun 13, 2010 at 4:29 PM, astral
wrote:
I am looking for Python OpenSSL library, for Python version 2.5.4 (on
Windows)
Which does not require to install Cygwin package. Need just to decrypt file,
then uninstall library.
You might want to take
Le lundi 14 juin 2010 à 13:18 -0400, geremy condra a écrit :
> >>
> >> Evpy[1] is designed to be a very easy-to-use interface to OpenSSL,
> >> although it is by design limited to doing things the right way, so it
> >> may not meet your needs.
> >
> > How about contributing to the standard hashlib a
On Mon, Jun 14, 2010 at 10:08 AM, Antoine Pitrou wrote:
> On Sun, 13 Jun 2010 14:13:32 -0700
> geremy condra wrote:
>> On Sun, Jun 13, 2010 at 1:29 PM, astral
>> wrote:
>> > I am looking for Python OpenSSL library, for Python version 2.5.4 (on
>> > Windows)
>> > Which does not require to install
On Sun, 13 Jun 2010 14:13:32 -0700
geremy condra wrote:
> On Sun, Jun 13, 2010 at 1:29 PM, astral
> wrote:
> > I am looking for Python OpenSSL library, for Python version 2.5.4 (on
> > Windows)
> > Which does not require to install Cygwin package. Need just to decrypt file,
> > then uninstall lib
On 6/13/10 2:59 PM, astral wrote:
>
> which one is for windows, for Python version 2.5.4 ? And how to uninstall
> when required?
>
You can try http://www.egenix.com/products/python/pyOpenSSL/ -- its
fairly low-level OpenSSL, but its pretty comprehensive.
And you uninstall it in Add & Remove Pro
On Sun, Jun 13, 2010 at 5:59 PM, astral
wrote:
>> You might want to take a look at m2crypto[0]. While I have not
>> personally run it on Windows (runs great on OS X and Linux) they do
>> provide pre-compiled Windows binaries.
>
> which one is for windows, for Python version 2.5.4 ? And how to unin
"Michael Crute" wrote in message
news:mailman.1395.1276462801.32709.python-l...@python.org...
> On Sun, Jun 13, 2010 at 4:29 PM, astral
> wrote:
> > I am looking for Python OpenSSL library, for Python version 2.5.4 (on
> > Windows)
> > Which does not require to install Cygwin package. Need just
On Sun, Jun 13, 2010 at 1:29 PM, astral
wrote:
> I am looking for Python OpenSSL library, for Python version 2.5.4 (on
> Windows)
> Which does not require to install Cygwin package. Need just to decrypt file,
> then uninstall library.
Evpy[1] is designed to be a very easy-to-use interface to Open
On Sun, Jun 13, 2010 at 4:29 PM, astral
wrote:
> I am looking for Python OpenSSL library, for Python version 2.5.4 (on
> Windows)
> Which does not require to install Cygwin package. Need just to decrypt file,
> then uninstall library.
You might want to take a look at m2crypto[0]. While I have not
26 matches
Mail list logo
