[issue20913] Standard Library documentation needs SSL security best practices doc.
R. David Murray
report at bugs.python.org
Fri Mar 14 02:48:01 CET 2014
R. David Murray added the comment:
To expand on that point a little: in the past, I could happily use the SMTP_SSL class (say) without thinking about certificates or server hostname verification, or pretty much of anything. This produced no verification, of course, which is the problem we are trying to solve. So we should have recipes *somewhere* in the docs that show how to use these facilities securely. It isn't obvious what the default security level currently is.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue20913>
_______________________________________
More information about the Python-bugs-list
mailing list