Author devin
Recipients Ryan.Tucker, ahasenack, asdfasdfasdfasdfasdfasdfasdf, debatem1, devin, giampaolo.rodola, heikki, janssen, jsamuel, orsenthil, pitrou, vila, zooko
Date 2010-09-29.18:42:53
SpamBayes Score 8.06604e-06
Marked as misclassified No
Message-id <1285785775.01.0.823911189888.issue1589@psf.upfronthosting.co.za>
In-reply-to
Content
> Correct me if I'm wrong, but the "well-maintained pyOpenSSL
> package" doesn't have the missing functionality (hostname
> checking in server certificates), either.

I'm pretty sure it's just a wrapper around the openssl library, which does not include it. That was Bill Janssen's argument for why the ssl module shouldn't do that verification. Well, that and the fact that there's no finalized standard for it yet. I believe this is the latest draft:
http://tools.ietf.org/html/draft-saintandre-tls-server-id-check-09
History
Date User Action Args
2010-09-29 18:42:55devinsetrecipients: + devin, zooko, janssen, orsenthil, pitrou, giampaolo.rodola, vila, heikki, ahasenack, debatem1, jsamuel, asdfasdfasdfasdfasdfasdfasdf, Ryan.Tucker
2010-09-29 18:42:55devinsetmessageid: <1285785775.01.0.823911189888.issue1589@psf.upfronthosting.co.za>
2010-09-29 18:42:53devinlinkissue1589 messages
2010-09-29 18:42:53devincreate