Message117639
> Correct me if I'm wrong, but the "well-maintained pyOpenSSL
> package" doesn't have the missing functionality (hostname
> checking in server certificates), either.
I'm pretty sure it's just a wrapper around the openssl library, which does not include it. That was Bill Janssen's argument for why the ssl module shouldn't do that verification. Well, that and the fact that there's no finalized standard for it yet. I believe this is the latest draft:
http://tools.ietf.org/html/draft-saintandre-tls-server-id-check-09 |
|
Date |
User |
Action |
Args |
2010-09-29 18:42:55 | devin | set | recipients:
+ devin, zooko, janssen, orsenthil, pitrou, giampaolo.rodola, vila, heikki, ahasenack, debatem1, jsamuel, asdfasdfasdfasdfasdfasdfasdf, Ryan.Tucker |
2010-09-29 18:42:55 | devin | set | messageid: <1285785775.01.0.823911189888.issue1589@psf.upfronthosting.co.za> |
2010-09-29 18:42:53 | devin | link | issue1589 messages |
2010-09-29 18:42:53 | devin | create | |
|