Hi, I think this is a great idea! In the long run i’d be a fan of using requests under the hood, but certainly makes sense to not reinvent the crypto wheel in the mean time.
Cheers, John > On 16 Oct 2014, at 18:15, Alex Gaynor <[email protected]> wrote: > > Hi all, > > I was investigating how libcloud does it's TLS, in the wake of POODLE. > Right now we're pretty much doing the whole pipeline ourselves, and I think > this is a bit unfortunate: we're a cloud abstraction library, we really > shouldn't be in the business of configuring cryptographic protocols! > > Long term, I'd like to outsource our HTTPS handling entirely to something > like requests. In the short term, I want to clean up various bits of this. > > For starters, I've put together a patch which replaces our implementation > of TLS certificate verification with the stdlib one (using the backport > package on PyPI): https://github.com/apache/libcloud/pull/374 > > What do folks think about this? > > Alex > > -- > "I disapprove of what you say, but I will defend to the death your right to > say it." -- Evelyn Beatrice Hall (summarizing Voltaire) > "The people's good is the highest law." -- Cicero > GPG Key fingerprint: 125F 5C67 DFE9 4084
