[Python-Dev] Enable Hostname and Certificate Chain Validation
Benjamin Peterson
benjamin at python.org
Wed Jan 22 21:56:58 CET 2014
On Wed, Jan 22, 2014, at 12:25 PM, Nick Coghlan wrote:
> On 23 Jan 2014 00:39, "Benjamin Peterson" <benjamin at python.org> wrote:
> > Speaking of requests, I think another way to address this issue would be
> > import a requests-like APIs into the stdlib (something which should
> > happen anyway) and make that verify certificates by default. This would
> > address the casual urllib-type usecase of fetching files over http/ftp
> > etc. (I expect most people using their own protocols over raw TLS
> > already know to force certificate verification.)
>
> Guido gave in principle approval for an asyncio backed requests clone as
> the preferred HTTP client API last year, but that's going to take someone
> to write and publish it if we're going to be able to include it in 3.5.
But requests is synchronous, so I'm not sure how much you can use of
asyncio. I was thinking of something bolted onto urllib.
More information about the Python-Dev
mailing list