Christian Heimes added the comment: How about:
- load ca cert from default verify locations - try connect with CERT_REQUIRED - print warning when cert validation fails and try again with CERT_NONE - match hostname otherwise At least this warns the user about the issue. Is there way to distinguish between CA missing and other failures? Antoine Pitrou <rep...@bugs.python.org> schrieb: > >Antoine Pitrou added the comment: > >Well, passive attacks are the easiest to mount by a casual attacker, so >I think this is important to get in. > >---------- > >_______________________________________ >Python tracker <rep...@bugs.python.org> ><http://bugs.python.org/issue12226> >_______________________________________ ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue12226> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com