[New-bugs-announce] [issue10795] standard library do not use ssl as recommended
report at bugs.python.org
Thu Dec 30 02:42:40 CET 2010
New submission from Mads Kiilerich <mads at kiilerich.com>:
As discussed on issue1589 it is now possible to create decent ssl connections with the ssl module - assuming ca_certs is specified and it is checked that the certificates matches.
The standard library do however neither do that nor make it possible to do it in the places where it uses ssl. For example smtplib starttls do not make it possible at all to specify ca_certs.
I suggest all uses of ssl should be reviewed - and fixed if necessary. The documentation should also be improved to make it clear what is necessary to create "secure" connections.
components: Library (Lib)
nosy: kiilerix, pitrou
title: standard library do not use ssl as recommended
versions: Python 2.7
Python tracker <report at bugs.python.org>
More information about the New-bugs-announce