> This is a self-signed cert, and it's still an open question whether > they should verify, and under what circumstances. I'm currently > thinking that in the CERT_OPTIONAL regime, they could, but with > CERT_REQUIRED, they shouldn't.
If an application wanted self-signed certs to verify under CERT_REQUIRED, they could add them to their rootcerts file. Bill _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
