[New-bugs-announce] [issue12358] validate server certificate when uploading packages to PyPI
anatoly techtonik
report at bugs.python.org
Sat Jun 18 11:34:00 CEST 2011
New submission from anatoly techtonik <techtonik at gmail.com>:
Please add this as a child of master issue12357.
When default protocol to upload to PyPI is switched to HTTPS in issue12226, the next step is to validate the certificate. Certificate validation requires that we will either:
1. distribute root CACert certificate with Python (for some reason it is not included/trusted on Windows platform)
2. acquire certificate for PyPI servers from party trusted by default, so that system certificates can be used for validation
----------
messages: 138578
nosy: techtonik
priority: normal
severity: normal
status: open
title: validate server certificate when uploading packages to PyPI
type: security
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue12358>
_______________________________________
More information about the New-bugs-announce
mailing list