[issue1589] New SSL module doesn't seem to verify hostname against commonName in certificate
Devin Cook
report at bugs.python.org
Wed Sep 29 20:42:55 CEST 2010
Devin Cook <devin.c.cook at gmail.com> added the comment:
> Correct me if I'm wrong, but the "well-maintained pyOpenSSL
> package" doesn't have the missing functionality (hostname
> checking in server certificates), either.
I'm pretty sure it's just a wrapper around the openssl library, which does not include it. That was Bill Janssen's argument for why the ssl module shouldn't do that verification. Well, that and the fact that there's no finalized standard for it yet. I believe this is the latest draft:
http://tools.ietf.org/html/draft-saintandre-tls-server-id-check-09
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue1589>
_______________________________________
More information about the Python-bugs-list
mailing list