[Python-Dev] PEP 476: Enabling certificate validation by default!

R. David Murray rdmurray at bitdance.com
Wed Sep 3 21:10:07 CEST 2014

On Wed, 03 Sep 2014 10:09:36 -0700, Ethan Furman <ethan at stoneleaf.us> wrote:
> On 09/03/2014 08:58 AM, R. David Murray wrote:
> >
> > I'm OK with letting go of this invalid-cert issue myself, given the lack
> > of negative feedback Twisted got.  I'll just keep my fingers crossed.
> I apologize if I missed this point, but if we have the source code then it is possible to go in and directly modify the 
> application/utility to be able to talk over https to a router with an invalid certificate?  This is an option when 
> creating the ssl_context?

The immediately preceding paragraph that you didn't quote said that the
context was 3rd party applications, not source code under your control.
Yes, you can (usually) still hack the source, but there are good reasons to
prefer to not do that, unfamiliarity with the codebase being just one of


More information about the Python-Dev mailing list