This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author asdfasdfasdfasdfasdfasdfasdf
Recipients asdfasdfasdfasdfasdfasdfasdf
Date 2010-11-01.03:55:31
SpamBayes Score 0.00012387683
Marked as misclassified No
Message-id <1288583733.85.0.123923377362.issue10274@psf.upfronthosting.co.za>
In-reply-to
Content 
imaplib should provide a means to validate a remote server ssl certificate(s).

So currently imaplib allows you to do the following:

import imaplib
conn = imaplib.IMAP4_SSL("imap.gmail.com")

#the following should fail
conn = imaplib.IMAP4_SSL("74.125.39.109")
conn = imaplib.IMAP4_SSL("i.broke.the.internet.and.all.i.got.was.this.t-shirt.phreedom.org",
443)
conn = imaplib.IMAP4_SSL("insert_self_signed_imap_server_here")
However, only the first call("imap.gmail.com") should *NOT* result in an error being raised (if the certificate is being checked :) ).

I wasn't able to find a way to get imaplib.IMAP4_SSL to take the certificate for the remote server without wanting a private cert (which wasn't / isn't desired ).

If an option is added / method added that takes in an optional parameter to validate the remote IMAP's ssl certificate has been signed by a trusted certificate authority this would be a good solution.
History
Date User Action Args
2010-11-01 03:55:33asdfasdfasdfasdfasdfasdfasdfsetrecipients: + asdfasdfasdfasdfasdfasdfasdf
2010-11-01 03:55:33asdfasdfasdfasdfasdfasdfasdfsetmessageid: <1288583733.85.0.123923377362.issue10274@psf.upfronthosting.co.za>
2010-11-01 03:55:32asdfasdfasdfasdfasdfasdfasdflinkissue10274 messages
2010-11-01 03:55:31asdfasdfasdfasdfasdfasdfasdfcreate