[New-bugs-announce] [issue10274] imaplib should provide a means to validate a remote server ssl certificate(s)
report at bugs.python.org
Mon Nov 1 04:55:33 CET 2010
New submission from david <db.pub.mail at gmail.com>:
imaplib should provide a means to validate a remote server ssl certificate(s).
So currently imaplib allows you to do the following:
conn = imaplib.IMAP4_SSL("imap.gmail.com")
#the following should fail
conn = imaplib.IMAP4_SSL("220.127.116.11")
conn = imaplib.IMAP4_SSL("i.broke.the.internet.and.all.i.got.was.this.t-shirt.phreedom.org",
conn = imaplib.IMAP4_SSL("insert_self_signed_imap_server_here")
However, only the first call("imap.gmail.com") should *NOT* result in an error being raised (if the certificate is being checked :) ).
I wasn't able to find a way to get imaplib.IMAP4_SSL to take the certificate for the remote server without wanting a private cert (which wasn't / isn't desired ).
If an option is added / method added that takes in an optional parameter to validate the remote IMAP's ssl certificate has been signed by a trusted certificate authority this would be a good solution.
title: imaplib should provide a means to validate a remote server ssl certificate(s)
versions: Python 3.2
Python tracker <report at bugs.python.org>
More information about the New-bugs-announce