Pure Python HTTPS Server
Paul Rubin
http
Fri Feb 27 03:55:58 EST 2004
trevp at trevp.net (Trevor Perrin) writes:
> There's no path validation or cert creation. My view is that certs
> are a disaster, and I'm doing users a *favor* by keeping them at arm's
> length :-). Fingerprints are easier to use, so that's what the
> library encourages.
But it means you need a separate fingerprint for each person you talk
to. If you're going to do that, you may as well just use shared
symmetric keys and not mess with TLS.
> Anyways, I don't plan to add more X.509 support. If someone else
> wants to, it is open-source...
Yeah, that's what I mean about it being a lot of work to do the full
stack. It's great that you've provided this starting point though.
More information about the Python-list
mailing list