Python OpenSSL library
Antoine Pitrou
solipsis at pitrou.net
Tue Jun 15 16:57:24 EDT 2010
Hello,
> He's describing the lack of hostname checking, discussed here[0],
> here[1], and in my pycon lightning talk last year, wherever those
> are kept.
Ok, thank you.
I have tried to put some effort into the py3k ssl docs, so that security
issues get mentioned:
http://docs.python.org/dev/py3k/library/ssl.html#security-considerations
Any improvement or correction is welcome.
Also, following issue1589 (certificate hostname checking), I think it
would be useful at least to provide the necessary helper functions in
order to check certificate conformity, even if they aren't called
implicitly. I would encourage interested people to provide a patch for
the py3k ssl module, and will gladly review it.
Regards
Antoine.
More information about the Python-list
mailing list