[issue20913] Standard Library documentation needs SSL security best practices doc.
Martin v. Löwis
report at bugs.python.org
Fri Mar 14 19:43:40 CET 2014
Martin v. Löwis added the comment:
I'd add a sentence to this paragraph
"""If a client certificate is needed for the connection, it can be added with
context.load_cert_chain(path_to_certificate, path_to_private_key)
"""
Then, in all places where a context and cert/key parameters are allowed (e.g. SMTP_SSL and starttls()), I'd remove the sentence saying that context is an alternative way to provide a private key, and say instead
"""See <link to "best defaults"> for configuring parameters of the TLS connection, such as validation of the server certificate, using the context parameter."""
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue20913>
_______________________________________
More information about the Python-bugs-list
mailing list