Pure Python HTTPS Server

Fri Feb 27 03:55:58 EST 2004

trevp at trevp.net (Trevor Perrin) writes:
> There's no path validation or cert creation.  My view is that certs
> are a disaster, and I'm doing users a *favor* by keeping them at arm's
> length :-).  Fingerprints are easier to use, so that's what the
> library encourages.

But it means you need a separate fingerprint for each person you talk
to.  If you're going to do that, you may as well just use shared
symmetric keys and not mess with TLS.

> Anyways, I don't plan to add more X.509 support.  If someone else
> wants to, it is open-source...

Yeah, that's what I mean about it being a lot of work to do the full
stack.  It's great that you've provided this starting point though.