[issue6273] Add client side certificate support to httplib
Martin v. Löwis
report at bugs.python.org
Fri Jun 12 23:00:31 CEST 2009
Martin v. Löwis <martin at v.loewis.de> added the comment:
> The attached patch adds client-side cert support to httplib, as well as
> validation. Rather than just commit this, I would like to have additional
I wouldn't call the feature "client-side cert support" - client
certificates are already supported, and had been for a long time.
What you are adding to httplib is server certificate validation.
I find the patch incomplete, for formal and semantical reasons:
a) it doesn't come with documentation or test suite changes, and
b) it doesn't implement the typical certificate checks that browsers
do, beyond validating that the certificate is valid - e.g. also
validating that the certificate is issued to the host you are trying
to connect to.
API-wise, I'm not sure what the point of passing cert_reqs as a
parameter is - ISTM that, in httplib, if ca_certs is not None, then
cert_reqs should automatically be CERT_REQUIRED (just like it is
> Also, ideally this could be added to 2.6 maint (it seems like a pretty big
It's a new feature, so it shouldn't be added to 2.6. Not sure what you
mean by "big hole".
Python tracker <report at bugs.python.org>
More information about the Python-bugs-list