[issue10274] imaplib should provide a means to validate a remote server ssl certificate(s)
david
report at bugs.python.org
Mon Nov 1 04:55:33 CET 2010
New submission from david <db.pub.mail at gmail.com>:
imaplib should provide a means to validate a remote server ssl certificate(s).
So currently imaplib allows you to do the following:
import imaplib
conn = imaplib.IMAP4_SSL("imap.gmail.com")
#the following should fail
conn = imaplib.IMAP4_SSL("74.125.39.109")
conn = imaplib.IMAP4_SSL("i.broke.the.internet.and.all.i.got.was.this.t-shirt.phreedom.org",
443)
conn = imaplib.IMAP4_SSL("insert_self_signed_imap_server_here")
However, only the first call("imap.gmail.com") should *NOT* result in an error being raised (if the certificate is being checked :) ).
I wasn't able to find a way to get imaplib.IMAP4_SSL to take the certificate for the remote server without wanting a private cert (which wasn't / isn't desired ).
If an option is added / method added that takes in an optional parameter to validate the remote IMAP's ssl certificate has been signed by a trusted certificate authority this would be a good solution.
----------
components: None
messages: 120108
nosy: db
priority: normal
severity: normal
status: open
title: imaplib should provide a means to validate a remote server ssl certificate(s)
type: security
versions: Python 3.2
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue10274>
_______________________________________
More information about the Python-bugs-list
mailing list