>The documentation says: > > Changed in version 3.4.3: This class now performs all the necessary > certificate > and hostname checks by default. To revert to the previous, unverified, > behavior > ssl._create_unverified_context() can be passed to the context parameter. > >So it seems that you either get both chain verification and hostname checks or >neither. Perhaps I am reading the docs incorrectly?
Aw, come on. This is a code example I wrote in ten minutes. If you believe it's that important to make this example work in older versions of python, feel free to add the three or four lines of code that turn on certificate verification explicitly. It is really not rocket science. >In any case, doing atypical things risks people doing the wrong thing, even if >one particular library makes it comparatively painless to do the right thing. We seem to have extreme variation in our thresholds of pain -- writing small amounts of code to check SSL certificates causes crippling agony, while forcing the production web departments of large organizations to add odd stuff of use only to the mail department is a barely perceptible pinprick. I think we've made all the points we're going to make. R's, John _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
