On Tue, Jun 4, 2013 at 4:56 AM, Ethan Furman <ethan@stoneleaf.us> wrote:
On 06/03/2013 11:34 AM, Antoine Pitrou wrote:
On Mon, 3 Jun 2013 14:12:34 -0400 Donald Stufft wrote:
I worry with the current situation people will just use TLS connections without realizing it's not being verified and thinking they are "safe".
Yet there's quite a visible warning in the docs: http://docs.python.org/dev/library/urllib.request.html
As has been been mentioned elsewhere, at the very least we should change cadefault to True for secure-type connections. The dangerous/unexpected behavior should not be the default.
+1 for having the default be safe, but this will have to be very loudly announced ("when migrating from 3.3 to 3.4, TLS connections will cease to work if blah blah"). Some legit sites with proper certificates still manage to muck something up administratively (developer.quicksales.com.au has a cert from RapidSSL but doesn't bundle the intermediates, and I've told their devs about it, but all I can do is disable cert checking). This will break code in ways that will surprise people greatly. But I'd still rather the default be True. ChrisA