[Python-Dev] PEP 476: Enabling certificate validation by default!

Ethan Furman ethan at stoneleaf.us
Wed Sep 3 21:42:57 CEST 2014

On 09/03/2014 12:10 PM, R. David Murray wrote:
> On Wed, 03 Sep 2014 10:09:36 -0700, Ethan Furman <ethan at stoneleaf.us> wrote:
>> On 09/03/2014 08:58 AM, R. David Murray wrote:
>>> I'm OK with letting go of this invalid-cert issue myself, given the lack
>>> of negative feedback Twisted got.  I'll just keep my fingers crossed.
>> I apologize if I missed this point, but if we have the source code then it is possible to go in and directly modify the
>> application/utility to be able to talk over https to a router with an invalid certificate?  This is an option when
>> creating the ssl_context?
> The immediately preceding paragraph that you didn't quote said that the
> context was 3rd party applications, not source code under your control.
> Yes, you can (usually) still hack the source, but there are good reasons to
> prefer to not do that, unfamiliarity with the codebase being just one of
> them.

I appreciate that there is a distinction, yet in most cases we have the source code available (it is the nature of 
Python) and if push comes to shove (and a bunch of other colloquialisms) then modifying that source code can get you up 
and running again.


More information about the Python-Dev mailing list