validating HTTPS certificates?

Andras.Horvath at cern.ch Andras.Horvath at cern.ch
Mon Jun 29 09:18:20 CEST 2009


On Fri, Jun 26, 2009 at 07:01:24PM +0200, Nobody wrote:

> For a urllib-style interface, there's not much point in performing
> verification after the fact. Either the library performs verification or
> it doesn't. If it doesn't, you've just sent the (potentially confidential)
> request to an unknown server; discovering this after the fact doesn't
> really help.

I was more thinking about supplying a/some CA certificate(s) and
requiring that the site cert be valid (otherwise the connection should
fail). This sounds very EAFP to me.

Andras



More information about the Python-list mailing list