Message 64239 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	roberte
Recipients	giampaolo.rodola, gregory.p.smith, iElectric, janssen, pitrou, roberte
Date	2008-03-21.12:43:05
SpamBayes Score	0.24081247
Marked as misclassified	No
Message-id	<1206103386.75.0.449687951428.issue2054@psf.upfronthosting.co.za>
In-reply-to

Content
>> FWIW, m2crypto already provides an FTP-TLS facility with an >> ftplib-compatible API. See http://chandlerproject.org/Projects/MeTooCrypto Right but m2crypto is not part of the standard library (and is not going to be anytime soon). SSL is scheduled to be in 2.6. So it would be the natural choice to use that SSL binding to extend the ftp library. Of course we could have a look how ftps is implemented in m2crypto. Concerning the plain-text login. I think a FTPS class should default to encrypted login (you could use the ftp class if you dont want). In no way should the login credentials be sent unencrypted on default. Using another parameter might be a soulution to that, though I would prefer the library to raise an error if establishing an FTPS connection did not succeed. The main program could then catch it and decide how to proceed (using plain ftp or aborting according to a given policy).

>> FWIW, m2crypto already provides an FTP-TLS facility with an
>> ftplib-compatible API. See
http://chandlerproject.org/Projects/MeTooCrypto

Right but m2crypto is not part of the standard library (and is not going
to be anytime soon). SSL is scheduled to be in 2.6. So it would be the
natural choice to use that SSL binding to extend the ftp library. Of
course we could have a look how ftps is implemented in m2crypto.

Concerning the plain-text login. I think a FTPS class should default to
encrypted login (you could use the ftp class if you dont want). In no
way should the login credentials be sent unencrypted on default. Using
another parameter might be a soulution to that, though I would prefer
the library to raise an error if establishing an FTPS connection did not
succeed. The main program could then catch it and decide how to proceed
(using plain ftp or aborting according to a given policy).

History
Date	User	Action	Args
2008-03-21 12:43:06	roberte	set	spambayes_score: 0.240812 -> 0.24081247 recipients: + roberte, gregory.p.smith, janssen, pitrou, giampaolo.rodola, iElectric
2008-03-21 12:43:06	roberte	set	spambayes_score: 0.240812 -> 0.240812 messageid: <1206103386.75.0.449687951428.issue2054@psf.upfronthosting.co.za>
2008-03-21 12:43:06	roberte	link	issue2054 messages
2008-03-21 12:43:05	roberte	create