[Python-Dev] PEP 476: Enabling certificate validation by default!
Donald Stufft
donald at stufft.io
Fri Aug 29 22:10:03 CEST 2014
> On Aug 29, 2014, at 4:00 PM, "M.-A. Lemburg" <mal at egenix.com> wrote:
>
> * choice of trusted certificate:
>
> Instead of hard wiring using the system CA roots into
> Python it would be good to just make this default and
> permit the user to point Python to a different set of
> CA roots.
>
> This would enable using self signed certs more easily.
> Since these are often used for tests, demos and education,
> I think it's important to allow having more control of
> the trusted certs.
If I recall OpenSSL already allows this to be configured via envvar and the python API already allows it to be configured via API.
More information about the Python-Dev
mailing list