[Python-Dev] PEP 476: Enabling certificate validation by default!
Stephen J. Turnbull
stephen at xemacs.org
Wed Sep 3 04:43:25 CEST 2014
Antoine Pitrou writes:
> On Tue, 2 Sep 2014 16:47:35 -0700
> Glyph Lefkowitz <glyph at twistedmatrix.com> wrote:
> > As we keep saying, this is not a break in backwards
> > compatibility, it's a bug fix.
> Keeping saying it doesn't make it magically true.
It's not "magically" true, it is "just" true. What the hardliners
fail to acknowledge is that this is *not a bug in Python, it's a bug
in the whole system*, and *mostly* in the environment. Changing
Python will not change the environment, and applications will fail,
with unknown consequences. Saying they "should" fail *right* now is
bogus when you don't even know what those applications are, or what
other security measures may be in place:
Now is better than never.
Although never is often better than *right* now.
On the other hand, I commend the Twisted developers for putting their
values into their code with their reputation on the line. I hope they
win big with this move! Shouldn't we all hope for that?
More information about the Python-Dev