[Python-Dev] SSL Certificate Validation
Bill Janssen
janssen at parc.com
Wed Jun 17 23:57:48 CEST 2009
I think if you check the issue tracker, there's already a patch for this
somewhere, IIRC.
Bill
Devin Cook <devin.c.cook at gmail.com> wrote:
> Ok, thanks for all the feedback. Just for clarity, I'll summarize
> everything as I understand it:
>
> * OpenSSL does the all validation of the certificate itself.
> (http://openssl.org/docs/apps/verify.html)
> * httplib should have a way to enable validation of the certificate.
> * httplib should have a way to enable checking of the reference
> identity. (that complies with section 3 of this draft:
> http://tools.ietf.org/html/draft-saintandre-tls-server-id-check-00)
> * The reference identity checking (and cert validation, I assume)
> shouldn't be automatic. (per Bill)
>
> Does that sound about right? I'll try to work up a patch tonight
> implementing this.
>
> -Devin
More information about the Python-Dev
mailing list