Robert Kuska added the comment: >Le 06/04/2015 13:29, Nick Coghlan a écrit : >> >> So while this isn't a feature upstream itself needs, it's one potentially needed by multiple *downstreams*, so in my view it makes sense for us to work with upstream to come up with the "one obvious way" for redistributors to handle the problem (now that we know that my initial attempt at providing such a way doesn't work in practice). > >So would it be possible for the actual implementation to be done outside of CPython? (in a dedicated fork, for example)
Yes it would and most likely will be, but as Nick pointed out, it is important to come up with the "one obvious way". I understand why my patch is not acceptable for the upstream, it was my first shot (yet suitable for us) to start a discussion about cert verification. >From the proposed solutions mentioned I favour the ENV variable which would >address also Donald concerns, using ENV variable per application to >enable/disable cert verification instead of global enable/disable, (yet it >could be also `export`ed for global settings), are there any real >disadvantages of using this method? ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue23857> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com