[Python-Dev] Enable Hostname and Certificate Chain Validation

Donald Stufft donald at stufft.io
Wed Jan 22 11:30:40 CET 2014


I would like to propose that a backwards incompatible change be
made to Python to make verification of hostname and certificate
chain the default instead of requiring it to be opt in.

Python 3.4 has made great strides in making it easier for applications
to simply turn on these settings; however, many people are not aware
at all that they need to opt into this. Most assume that it will operate
similarly to their browser, curl, wget, etc. and validate by default, and in
the typical style of security-related issues it will appear to work just fine
yet be grossly insecure.

In the real world “opt in security” typically translates to just plain old insecure
for the bulk of applications/libraries. I believe that Python has a responsibility
to do the right thing by default here and it is in the best position to do so. The
alternative requires every Python developer who wants to access a secure
resource to be educated on the fact that they need to flip some switch to
do what most of them would expect.

-----------------
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
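
The two checks named in the message, as an added example that is not part of the original post: it reports which verification steps an `ssl.SSLContext` skips and compares a context where nobody opted in with the one `ssl.create_default_context()` (added in Python 3.4) returns. The function names are hypothetical, and the unverified context is constructed here to model the behaviour the message describes.

```python
import ssl


def missing_checks(ctx):
    """Return the verification steps this client-side context will skip."""
    missing = []
    # In client mode CERT_OPTIONAL behaves like CERT_REQUIRED, so only
    # CERT_NONE means the certificate chain is not validated.
    if ctx.verify_mode == ssl.CERT_NONE:
        missing.append("certificate chain")
    if not ctx.check_hostname:
        missing.append("hostname")
    return missing


def unverified_context():
    """Constructed: a context with neither check switched on."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def verifying_context():
    """The opt-in: chain validation and hostname matching both enabled."""
    return ssl.create_default_context()


def hostname_check_requires_chain():
    """True if the ssl module refuses hostname matching without chain
    validation (matching a name in an unvalidated certificate proves nothing)."""
    ctx = ssl.create_default_context()
    try:
        ctx.verify_mode = ssl.CERT_NONE   # check_hostname is still True
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    for name, ctx in (("unverified", unverified_context()),
                      ("create_default_context", verifying_context())):
        print(name, "skips:", missing_checks(ctx) or "nothing")
    print("hostname check requires chain validation:",
          hostname_check_requires_chain())
```

A handshake made with the unverified context completes against any certificate, which is why the failure is invisible in normal use.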
