[Python-Dev] PEP 476: Enabling certificate validation by default!

Antoine Pitrou antoine at python.org
Sun Aug 31 20:37:50 CEST 2014

Le 31/08/2014 20:28, Paul Moore a écrit :
> I can't see how that would be something the application would know.
> For example, pip allows me to specify an "alternate cert bundle" but
> not a single additional cert. So IIUC, I can't use my local index that
> serves https using a self-signed cert. I'd find it hard to argue that
> it's pip's responsibility to think of that use case - pretty much any
> program that interacts with a web service *might* need to interact
> with a self-signed dummy version, if only under test conditions.

Well, it's certainly pip's responsibility more than Python's. What would 
Python do? Provide a setting that would blindly add a cert for all uses 
of httplib?

pip knows about the use cases here, Python doesn't.

(perhaps you want to serve your local index using http, though)



More information about the Python-Dev mailing list