david <db.pub.m...@gmail.com> added the comment: On 19 November 2010 03:18, Martin v. Löwis <rep...@bugs.python.org> wrote: > > Martin v. Löwis <mar...@v.loewis.de> added the comment: > >>> The best that could be done is to provide a configuration option (e.g. >>> global variable) that should be treated as a default value, and then >>> leave it to people distributing Python to fill out this variable in a >>> sensible way. >> >> Actually, OpenSSL already does a similar thing (see issue10443). > > This may not be satisfying to users. For example, our Windows > distribution doesn't ship with any certicates (AFAIK); I have no > clue where exactly OpenSSL would be looking for them, either. > People worried about this problem probably would want a way to > fill the list of trusted CA certificates. >
Martin does it matter? To be honest I don't know about that many client side python windows applications for which this is a problem for. Maybe I am mistaken. If this is the case, then how do these projects work at the moment? (or do they just not care about this...) . However, they could bundle their own certificates, so I don't see this as an issue. However, you seem confused here: " I have no > clue where exactly OpenSSL would be looking for them, either. > People worried about this problem probably would want a way to > fill the list of trusted CA certificates." Erh, those people can already do this, but the problem is by default none are selected. IMHO something is probably better than nothing in this case(by default). ---------- title: some stdlib modules need to be updated to handle SSL certificate validation -> some stdlib modules need to be updated to handle SSL certificate validation _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue10441> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
