[issue1589] New SSL module doesn't seem to verify hostname against commonName in certificate
Antoine Pitrou
report at bugs.python.org
Wed Sep 29 21:00:49 CEST 2010
Antoine Pitrou <pitrou at free.fr> added the comment:
> What would the approximate cost on that be, do you think? My
> understanding was that the code was pretty much written given John
> Nagle's patch and M2Crypto.
To err on the safe side and account for integration work (unit tests,
coding style, and use in http.client / urllib), I would say a couple of
days. Also because it's rather boring code :-)
(but, don't assume that urllib will then be secure by default; Python
doesn't ship with CA certificates, so existing code will still need a
bit of work to activate cert validation and pass the location of the
system's CA certs)
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue1589>
_______________________________________
More information about the Python-bugs-list
mailing list