It is common practice in corporate networks that connect MS Windows machines to
redirect all (encrypted included) traffic through company's router. For this
purpose routers are usually configured to act as a CA. However, the
certificate issued by such "CA" will of course not be found in the certificates
distributed with LibreSSL (how would they even know?). MS Windows networking,
however, has a way to configure these policies.
Prior to this issue, Python relied on the OS libraries to implement TLS
protocol, so the overall setup worked transparently for users. Since 3.6.5,
however, this is no longer possible (requires alteration of certificates
distributed with Python).
I'm asking that this be made configurable / possible to disable using simple
means, perhaps an environment variable / registry key or similar.
PS. I still cannot register to the bug tracker (never received a confirmation
email), this is why you are reading this email.
- Best.
Oleg
This communication and all information contained in or attached to it is
confidential, intended solely for the addressee, may be legally privileged and
is the intellectual property of one of the companies of NEX Group plc ("NEX")
or third parties. If you are not the intended addressee or receive this message
in error, please immediately delete all copies of it and notify the sender. We
have taken precautions to minimise the risk of transmitting software viruses,
but we advise you to carry out your own virus checks on any attachments. We do
not accept liability for any loss or damage caused by software viruses. NEX
reserves the right to monitor all communications. We do not accept any legal
responsibility for the content of communications, and no communication shall be
considered legally binding. Furthermore, if the content of this communication
is personal or unconnected with our business, we accept no liability or
responsibility for it. NEX Group plc is a public limited company regi
stered in England and Wales under number 10013770 and certain of its
affiliates are authorised and regulated by regulatory authorities. For further
regulatory information please see www.NEX.com.
_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
