https
Erno Kuusela
erno-news at erno.iki.fi
Mon Feb 26 21:56:33 EST 2001
In article <mailman.983218330.31657.python-list at python.org>, "Roy W
Fileger" <rfileger at bellsouth.net> writes:
| Hello,
| I am new to Python but am excited about it. I have a
| requirement to send a Credit Card transaction to an
| HTTPS server as the body of a POST transaction.
if you decide to use the https support that comes with python, be
sure to authenticate the other end somehow. by default the python
https support doesn't seem to have any database of certificate
authorities, so it's not really safe against dns spoofing or
the like.
someone please correct me if i'm wrong, i'm not sure about the
above since there is no documentation for the ssl stuff...
i hear m2crypto might be better wrt this, but i'm not sure.
you could also consider using some other way, like gnupg + email,
to send the information. that would have the advantage that the
information would arrive ancrypted at the other end too, so
even if your your communications with the server at the other end,
or indeed the server at the other end itself, gets compromised,
your information is still safe.
-- erno
More information about the Python-list
mailing list