Pure Python HTTPS Server

Trevor Perrin trevp at trevp.net
Fri Feb 27 03:30:30 CET 2004


Paul Rubin <http://phr.cx@NOSPAM.invalid> wrote in message news:<7x7jy9igvg.fsf at ruckus.brouhaha.com>...
> Bob Ippolito <bob at redivi.com> writes:
> > Have you seen: http://trevp.net/tlslite/ ?
> 
> No, hadn't seen it.  Interesting, thanks.  It looks like it's not a
> full blown implementation right now (no real attempt to handle
> certificates) but that it's moving in that direction.

Hi Paul,

If you have an X.509 cert you can use it; and you can authenticate the
other guy based on his X.509 fingerprint.

There's no path validation or cert creation.  My view is that certs
are a disaster, and I'm doing users a *favor* by keeping them at arm's
length :-).  Fingerprints are easier to use, so that's what the
library encourages.

Anyways, I don't plan to add more X.509 support.  If someone else
wants to, it is open-source...

Trevor



More information about the Python-list mailing list