[Python-Dev] Request for pronouncement on PEP 493 (HTTPS verification backport guidance)

Barry Warsaw barry at python.org
Mon Nov 30 15:32:30 EST 2015


On Nov 27, 2015, at 04:04 PM, Nick Coghlan wrote:

>New draft pushed: https://hg.python.org/peps/rev/f602a47ea795
>
>This is a significant rewrite that switches the PEP to a Standards Track PEP
>proposing two new features for 2.7.12+: an "ssl._verify_https_certificates()"
>configuration function, and a "PYTHONHTTPSVERIFY" environment variable
>(although writing them together like that makes me wonder if the latter
>should now be "PYTHONVERIFYHTTPS" instead).

Thanks for this, and +1 on Stephen's suggested name change (which you've
already pushed).

Two comments: the PEP still describes the configuration file implementation.
Is this slated for 2.7.12 also?  If not, should it just be dropped from the
PEP?

I'd mildly prefer no default value for `enable` in
_https_verify_certificates().  I'd have preferred a keyword-only argument, but
of course this is Python 2.  Instead, I'd like to force passing True or False
(and document using `enable=True` or `enable=False`) and not rely on a default
argument.  But I'm only +0 on that detail.

Cheers,
-Barry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://mail.python.org/pipermail/python-dev/attachments/20151130/32329a14/attachment.sig>


More information about the Python-Dev mailing list