Antoine Pitrou <pit...@free.fr> added the comment: > If you make an HTTPS connection without checking the certificate, what > security does it add?
Well, it does prevent the most trivial class of attacks (sniffing). That said, Python has support for certificate checking, especially in 3.2+, so you should use that. You could e.g. bundle the CACert root certificate with the distribution. ---------- nosy: +pitrou _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue12226> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
