[Python-Dev] Validating SSL By Default (aka Including a Cert Bundle in CPython)
Barry Warsaw
barry at python.org
Mon Jun 3 18:36:36 CEST 2013
On Jun 03, 2013, at 01:20 AM, Donald Stufft wrote:
>So I would like to propose that CPython adopt the Mozilla SSL certificate
>list and include it in core, and switch over the API's so that they verify
>HTTPS by default. This is what most people are going to expect when using a
>https url (Especially after learning that Python 2.x doesn't verify TLS, but
>Python 3.x "does").
For the "verify HTTPS by default", do you mean specifically changing the
cadefault argument to urllib.request.urlopen() to True? Note that I recently
closed a bug related to this:
http://bugs.python.org/issue17977
+1 for changing the default to True.
-Barry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://mail.python.org/pipermail/python-dev/attachments/20130603/8fb02bfe/attachment.pgp>
More information about the Python-Dev
mailing list