On Tue, Jun 15, 2010 at 5:31 PM, Paul Rubin <no.em...@nospam.invalid> wrote: > Terry Reedy <tjre...@udel.edu> writes: >>> Could similar notifications be added to urllib, etc? That's where >>> people really get bitten badly by this. >> >> If you have specific ideas, propose them on the tracker. > > urllib is basically a web client and as such it should act like a > browser, with a default certificate store. It should refuse to connect > to an https host that doesn't have a valid certificate, unless you > override the default (supply your own CA store or validation routine). > There could be some pre-written override options, such as accept expired > certificate, accept certificate named "www.xyz.com" when the actual host > is "abc.xyz.com", or that sort of thing. These are code changes, not > doc updates.
I've opened the requested bug report: http://bugs.python.org/issue9003 Just for the record, I'd rather see this fixed than note the need for a workaround. Geremy Condra -- http://mail.python.org/mailman/listinfo/python-list
