[New-bugs-announce] [issue28671] SSL server requesting client certificates should send CA list
Kevin Chen
report at bugs.python.org
Fri Nov 11 18:30:24 EST 2016
New submission from Kevin Chen:
When a Python HTTPS server requests client certificates, it should send a CA list so the client knows which certificates are acceptable.
It looks like right now Python calls SSL_CTX_load_verify_locations, so once the client certificate is sent, Python can verify whether the client against the specify CAs. However, it looks like Python should also call SSL_CTX_set_client_CA_list so the client knows which certificates to send.
----------
assignee: christian.heimes
components: SSL
messages: 280620
nosy: christian.heimes, kchen
priority: normal
severity: normal
status: open
title: SSL server requesting client certificates should send CA list
type: behavior
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue28671>
_______________________________________
More information about the New-bugs-announce
mailing list