[issue23857] Make default HTTPS certificate verification setting configurable
Marc-Andre Lemburg
report at bugs.python.org
Sat May 9 00:35:51 CEST 2015
Marc-Andre Lemburg added the comment:
Those are nice ideas, but you are forgetting two important points:
* browsers are typically only being used by single users,
applications by potentially hundreds or thousands of users
* how should the poor sys admin who's task it is to keep Python
up to date know which SSL certs to add to the trust store ?
E.g. assume your application fetches user comments for sentiment
analysis from a few thousand sites, or gathers status updates
from a few hundred routers and switches you have installed
at your site, or even more difficult: an application which
tries to map your IT world of a few thousand network nodes,
scanning port 443 for useful information.
For eGenix PyRun we have now implemented an env var PYRUN_HTTPSVERIFY
which can be set to 0 to disable the checks and revert back to
Python 2.7.8 standards, if necessary, on a per process basis.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue23857>
_______________________________________
More information about the Python-bugs-list
mailing list