validating HTTPS certificates?

[Andras.Horvath at cern.ch]

> validation. Validation should just be a matter of passing
> cert_reqs=CERT_REQUIRED and ca_certs= to ssl.wrap_socket(), then checking
> that SSLSocket.getpeercert() returns a non-empty dictionary.

That'd be cool unless I can't use an already-open socket (by SSL, for
verification) in any of the built-in HTTP engines, by the look of it.

Andras