[Python-Dev] Verification of SSL cert and hostname made easy

Antoine Pitrou solipsis at pitrou.net
Sun Dec 1 12:40:10 CET 2013

On Sun, 1 Dec 2013 21:33:06 +1000
Nick Coghlan <ncoghlan at gmail.com> wrote:
> If we don't do that, then I think Christian's approach is a reasonable
> compromise given the late stage of the release cycle - it ensures the
> context can't get into the inconsistent verify_mode=CERT_NONE and
> check_hostname=True state, and leaves our options completely open for
> 3.5:

I would prefer the check to be made when the the socket is created,
i.e. the wrap_socket() call.



More information about the Python-Dev mailing list