[Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython)
Antoine Pitrou
solipsis at pitrou.net
Mon Jun 3 11:51:30 CEST 2013
On Mon, 3 Jun 2013 21:37:10 +1200
Ben Hoyt <benhoyt at gmail.com> wrote:
>
> I'm not familiar with Unix/Linux, but on Windows, if it's anything
> like mimetypes it'll be really hard to get consistent behaviour across
> different boxes/versions from the registry, or wherever certs might be
> stored on Windows. I'd much rather have a slightly outdated but
> consistent experience by default.
The problem with a "slightly outdated" CA store is that it can be a
security risk.
Regards
Antoine.
More information about the Python-Dev
mailing list