3 Sep
2014
3 Sep
'14
4:31 p.m.
On Tue, 02 Sep 2014 21:29:16 -0400
"R. David Murray"
The top proposal so far is an sslcustomize.py file that could be used to either decrease or increase the default security. This is a much less handy solution than application options (eg, curl, wget) that allow disabling security for "this cert" or "this CLI session". It also is more prone to unthinking abuse since it is persistent. So perhaps it is indeed not worth it. (That's why I suggested an environment variable...something you could specify on the command line for a one-off.)
I'll be fine with not adding any hooks at all, and letting people configure their application code correctly :-) Regards Antoine.