[Python-Dev] More on server-side SSL support
"Martin v. Löwis"
martin at v.loewis.de
Tue Aug 21 08:57:09 CEST 2007
> The simplest way to do verification is to allow the application to
> provide a set of root certs that it would like to verify against, and
> use the built-in OpenSSL verification procedure.
That's good. I don't recall whether you planned for this, however,
it would then be necessary to find out who the authenticated user
is, to do authorization. Getting that as a pair (client dn, issuer dn)
is the interface that springs to mind first.
More information about the Python-Dev