On Mon, 29 Jun 2009 09:18:20 +0200, Andras.Horvath wrote:
For a urllib-style interface, there's not much point in performing
verification after the fact. Either the library performs verification or
it doesn't. If it doesn't, you've just sent the (potentially confidential)
request to an
validation. Validation should just be a matter of passing
cert_reqs=CERT_REQUIRED and ca_certs= to ssl.wrap_socket(), then checking
that SSLSocket.getpeercert() returns a non-empty dictionary.
That'd be cool unless I can't use an already-open socket (by SSL, for
verification) in any of the
andras.horv...@cern.ch wrote:
I'm in the process of picking a language for a client application that
accesses a HTTPS (actually SOAP) server. This would be easy enough in
Python, but I came across a strange fact: neither httplib nor urllib
offer the possibility to actually verify the server's
Hi,
(disclaimer: this might be a FAQ entry somewhere but I honestly did use
Google)
I'm in the process of picking a language for a client application that
accesses a HTTPS (actually SOAP) server. This would be easy enough in
Python, but I came across a strange fact: neither httplib nor urllib
On Fri, 26 Jun 2009 10:04:21 +0200, Andras.Horvath wrote:
(disclaimer: this might be a FAQ entry somewhere but I honestly did use
Google)
I'm in the process of picking a language for a client application that
accesses a HTTPS (actually SOAP) server. This would be easy enough in
Python,
