[Python-Dev] PEP 476: Enabling certificate validation by default!

Antoine Pitrou solipsis at pitrou.net
Thu Sep 4 14:39:03 CEST 2014


On Thu, 4 Sep 2014 13:11:38 +1000
Nick Coghlan <ncoghlan at gmail.com> wrote:
> That leaves Python 2.7, and I have to say I'm now persuaded that a
> backport (including any required httplib and urllib features) is the
> right way to go. One of the tasks I'd been dreading as a follow-on
> from PEP 466 was organising the code audit to make sure our existing
> Python 2 applications are properly configuring SSL. If we instead
> change Python 2.7.9 to validate certificates by default, then the need
> to do that audit *goes away*, replaced by the far more mundane tasking
> of doing integration testing on 2.7.9, which we'd have to do *anyway*.

What are "our existing Python 2 applications"? Is it a Red Hat-specific
statement? What is the "code audit" you are talking about?

Regards

Antoine.




More information about the Python-Dev mailing list