[issue13856] xmlrpc / httplib changes to allow for certificate verification
Martin v. Löwis
report at bugs.python.org
Mon Jan 30 01:45:23 CET 2012
Martin v. Löwis <martin at v.loewis.de> added the comment:
> By that I mean, sending the ca_file and cert_reqs from the client,
> which I believe would be required if you want to verify the server
> certificate from the client end [1]. The other clients send only
> the cert_file and the key_file.
Ah, you are probably referring to the "server name indication",
which is a fairly recent TLS feature.
Python does support it, in the server_hostname context field.
You never ever send the CA certificate to the server in TLS,
AFAIK (except as part of a chain including your own client
certificate).
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue13856>
_______________________________________
More information about the Python-bugs-list
mailing list