[Python-Dev] PEP 476: Enabling certificate validation by default!
Marko Rauhamaa
marko at pacujo.net
Sat Aug 30 18:17:28 CEST 2014
Paul Moore <p.f.moore at gmail.com>:
> Cool, in which case this sounds like a good plan. I have no particular
> opinion on whether there should be a global Python-level "don't check
> certificates" option, but I would suggest that the docs include a
> section explaining how a user can implement a
> "--no-check-certificates" flag in their program if they want to (with
> appropriate warnings as to the risks, of course!). Better to explain
> how to do it properly than to say "you shouldn't do that" and have
> developers implement awkward or incorrect hacks in spite of the
> advice.
Will there be a way to specify a particular CA certificate (as in "wget
--ca-certificate")?
Will there be a way to specify a particular CA certificate directory (as
in "wget --ca-directory")?
Marko
More information about the Python-Dev
mailing list