Paul Moore firstname.lastname@example.org:
Cool, in which case this sounds like a good plan. I have no particular opinion on whether there should be a global Python-level "don't check certificates" option, but I would suggest that the docs include a section explaining how a user can implement a "--no-check-certificates" flag in their program if they want to (with appropriate warnings as to the risks, of course!). Better to explain how to do it properly than to say "you shouldn't do that" and have developers implement awkward or incorrect hacks in spite of the advice.
Will there be a way to specify a particular CA certificate (as in "wget --ca-certificate")?
Will there be a way to specify a particular CA certificate directory (as in "wget --ca-directory")?