Message121480
On 19 November 2010 03:48, Antoine Pitrou <report@bugs.python.org> wrote:
>
> Antoine Pitrou <pitrou@free.fr> added the comment:
>
>> > This may not be satisfying to users. For example, our Windows
>> > distribution doesn't ship with any certicates (AFAIK); I have no
>> > clue where exactly OpenSSL would be looking for them, either.
>> > People worried about this problem probably would want a way to
>> > fill the list of trusted CA certificates.
>
> Right, this is just a helper in case OpenSSL is configured correctly by
> the OS vendor (the OpenSSL packaged by Linux distros usually is).
>
>> Erh, those people can already do this, but the problem is by default
>> none are selected.
>> IMHO something is probably better than nothing in this case(by default).
>
> We can't change anything *by default* since it would break
> compatibility. We can just provide helpers and arguments to make it easy
> to switch to a more "secure" behaviour (for some meaning of secure).
what about an environmental setting that can be used to enforce
checking (or the like) ? |
|
Date |
User |
Action |
Args |
2010-11-18 17:12:39 | asdfasdfasdfasdfasdfasdfasdf | set | recipients:
+ asdfasdfasdfasdfasdfasdfasdf, loewis, pitrou, eric.araujo |
2010-11-18 17:12:38 | asdfasdfasdfasdfasdfasdfasdf | link | issue10441 messages |
2010-11-18 17:12:38 | asdfasdfasdfasdfasdfasdfasdf | create | |
|