[Python-Dev] PEP 476: Enabling certificate validation by default!

R. David Murray rdmurray at bitdance.com
Fri Aug 29 23:42:34 CEST 2014


On Fri, 29 Aug 2014 17:11:35 -0400, Donald Stufft <donald at stufft.io> wrote:
> Sorry I was on my phone and didn’t get to fully reply to this.
> > On Aug 29, 2014, at 4:00 PM, M.-A. Lemburg <mal at egenix.com> wrote:
> > 
> > * configuration:
> > 
> >   It would be good to be able to switch this on or off
> >   without having to change the code, e.g. via a command
> >   line switch and environment variable; perhaps even
> >   controlling whether or not to raise an exception or
> >   warning.
> 
> I’m on the fence about this, if someone provides a certificate
> that we can validate against (which can be done without
> touching the code) then the only thing that really can’t be
> “fixed” without touching the code is if someone has a certificate
> that is otherwise invalid (expired, not yet valid, wrong hostname,
> etc). I’d say if I was voting on this particular thing I’d be -0, I’d
> rather it didn’t exist but I wouldn’t cry too much if it did.

Especially if you want an accelerated change, there must be a way to
*easily* get back to the previous behavior, or we are going to catch a
lot of flak.  There may be only 7% of public certs that are problematic,
but I'd be willing to bet you that there are more not-really-public ones
that are critical to day-to-day operations *somewhere* :)

wget and curl have 'ignore validation' as a command line flag for a reason.

--David

