On 06/03/2013 11:34 AM, Antoine Pitrou wrote:
On Mon, 3 Jun 2013 14:12:34 -0400
Donald Stufft wrote:
I worry with the current situation people will just use TLS connections without realizing
it's not being verified and thinking they are "safe".
Yet there's quite a visible warning in the docs:
http://docs.python.org/dev/library/urllib.request.html
As has been been mentioned elsewhere, at the very least we should change cadefault to True for secure-type connections.
The dangerous/unexpected behavior should not be the default.
--
~Ethan~
_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com