Phil Pennock added the comment:
wrapssl(server_hostname=True/False/String) looks good to me.
Your arguments for enabling by default are compelling, for P3k.
--
___
Python tracker
<http://bugs.python.org/issue5
Phil Pennock added the comment:
(Sorry for dropping this, lost available time)
I see your point. OTOH, use of SNI needs to be something that can be
disabled and people need to be able to connect to host A while supplying
host B, not necessarily using IP addresses for the specificity. Use
Phil Pennock added the comment:
Note: this previous work is client-side only, as noted in the body of
the report. I'll look into what's needed for clean server-side support too.
--
___
Python tracker
<http://bugs.python.
New submission from Phil Pennock :
With TLS it is possible to have the client use an extension (defined in
RFC 4366, and RFC 3546 before that) to indicate to the server which
hostname it believes it is talking to. The server can then choose TLS
certificates accordingly. This makes virtual
