SSL security authorization?
John J. Lee
jjl at pobox.com
Wed Oct 22 08:38:00 EDT 2003
pythonguy at Hotpop.com (Anand Pillai) writes:
> You are right, I was basically asking about server-side
> authentication. My question was actually about the complete
[...]
OK.
> Ok, so server-side authentication is not there.I assumed so...:-)
> The docs are very vague on this point actually.
Both unclear and incorrect, in fact. See one of the SF doc bugs I
pointed out.
> Even then if we can write the client authentication, part of
> the work would be done since we can assume that the server
> credentials are valid for the time being. In such a case you
> of course end up talking to a server whose identity you are not
> sure of, but who has verified yours thru client authentication.
Not entirely sure I understand you there, but I'm sure that some
people will find client authentication useful, yes.
> My scenario was too advanced for the existing state of urllib
> or urllib2, since it deals with HTTPS password authentication
> on the server side. It cannot be done in the current state since
> that needs the server authentication code to be present in
> ssl.pyd, which as you say is not there.
I haven't looked to see how things work on Windows, so can't comment.
On linux, I think it's socketmodule.c that needs fixing.
> Ah, let us try to get the client ACK working first.
[...]
Yes. Obviously, what needs doing is first to check that urllib's
support for this is working, and then to add the feature to urllib2.
As I said, I can't do this easily since I'd have to configure a local
server, but it would be great if somebody else did it :-)
John
More information about the Python-list
mailing list