Nick Coghlan added the comment: After further consideration, I realised there's an important difference between this case and the hash randomisation case: having the "-E" switch imply hash randomisation was OK, but having it imply HTTPS certificate verification after the system administrator has explicitly turned it off is going to cause problems.
The system administrator controlled configuration file gets around that by not relying on the interpreter's environment variable based configuration support. As a result, I've now recommended pursuing the configuration file based approach, with a PEP to standardise the precise name, format and semantics for the configuration file: https://bugzilla.redhat.com/show_bug.cgi?id=1173041#c8 Redistributors would opt-in by patching their system Python to implement that informational PEP, rather than the feature appearing in upstream CPython itself. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue23857> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
