[Python-Dev] Enable Hostname and Certificate Chain Validation
Antoine Pitrou
solipsis at pitrou.net
Wed Jan 22 14:19:04 CET 2014
On Wed, 22 Jan 2014 05:30:40 -0500
Donald Stufft <donald at stufft.io> wrote:
> I would like to propose that a backwards incompatible change be
> made to Python to make verification of hostname and certificate
> chain the default instead of requiring it to be opt in.
>
> Python 3.4 has made great strides in making it easier for applications
> to simply turn on these settings, however many people are not aware
> at all that they need to opt into this. Most assume that it will operate
> similarly to their browser, curl, wget, etc
Python is not a Web client. Are you talking specifically about urllib?
Regards
Antoine.
More information about the Python-Dev
mailing list