On Jun 3, 2013, at 5:51 PM, Antoine Pitrou <[email protected]> wrote:
> On Mon, 3 Jun 2013 17:47:31 -0400 > Donald Stufft <[email protected]> wrote: >> >> On Jun 3, 2013, at 5:41 PM, Antoine Pitrou <[email protected]> wrote: >> >>> On Mon, 3 Jun 2013 22:31:40 +0100 >>> Paul Moore <[email protected]> wrote: >>>> >>>>> Some legit sites with proper >>>>> certificates still manage to muck something up administratively >>>>> (developer.quicksales.com.au has a cert from RapidSSL but doesn't >>>>> bundle the intermediates, and I've told their devs about it, but all I >>>>> can do is disable cert checking). This will break code in ways that >>>>> will surprise people greatly. But I'd still rather the default be >>>>> True. >>>>> >>>> >>>> I'm happy if the "will cease to work" clause only says "some sites with >>>> broken security configurations may stop working" with a clear explanation >>>> that it is *their* fault, not Python's. I'd also expect that the same sites >>>> would fail in browsers - if not, we should also be able to make them work >>>> (or face cries of "well, Internet Explorer/Firefox doesn't have a problem >>>> with my site, why does Python?"). >>> >>> Keep in mind that not every HTTPS service is a Web site that is meant >>> to be readable with a browser. Some are Web services, possibly internal, >>> possibly without a domain name (and, therefore, probably a non-matching >>> certificate subject name). >> >> They should need to explicitly opt in to disabling the checks that allow >> that to work. > > Obviously, which means compatibility is broken with existing code. > > Regards > > Antoine. > _______________________________________________ > Python-Dev mailing list > [email protected] > http://mail.python.org/mailman/listinfo/python-dev > Unsubscribe: > http://mail.python.org/mailman/options/python-dev/donald%40stufft.io Yes in that case compat will be broken and they'll need to either specify a cert that can be used to validate the connection or disable the protection. I think it's very surprising for people that they need to *enable* secure mode when most tools have that on by default. It's handing users a security foot gun, and like most things security related "broken" is silent until it's too late. ----------------- Donald Stufft PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Python-Dev mailing list [email protected] http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
