[Distutils] PyPI Migrated to New Infrastructure with some Breakage
Alex Clark
aclark at aclark.net
Mon Jan 27 13:28:21 CET 2014
Donald Stufft <donald <at> stufft.io> writes:
>
>
>
> Just a follow up.
> - OAuth is busted
>
>
> These two issues existed prior to the migration as far as I can tell.
Correct. We've discussed Oauth in IRC and this ticket has existed since late
last year:
-
https://bitbucket.org/pypa/pypi/issue/85/oauth-authorise-not-found-https-must-be
I'm bringing it up now because I'm still interested in seeing it fixed. IIUC
MvL correctly, it happened around the time of the CDN switch.
In any event, there is a portion of traffic going to/from PyPI unencrypted
and PyPI needs it to be encrypted. This leads to the confusing error message
when trying to do OAuth over "https". You talk https to the end point, and
the end point (seemingly) responds "I need this to be https".
More information about the Distutils-SIG
mailing list