Message 137424 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	skrah
Recipients	Arfrever, alexis, barry, eric.araujo, loewis, skrah, tarek, techtonik
Date	2011-06-01.07:30:14
SpamBayes Score	0.0025393602
Marked as misclassified	No
Message-id	<1306913415.13.0.571167549516.issue12226@psf.upfronthosting.co.za>
In-reply-to

Content
> Distutils doesn't validate PyPI server certificate, so this change > doesn't prevent from MITM attacks, but at least it makes package > submissions over wireless channels and public networks safer. Is that so? It's been a while, but I think e.g. ettercap is a highly automated tool for MITM attacks that isn't very hard to use.

> Distutils doesn't validate PyPI server certificate, so this change
> doesn't prevent from MITM attacks, but at least it makes package
> submissions over wireless channels and public networks safer.

Is that so? It's been a while, but I think e.g. ettercap is a highly
automated tool for MITM attacks that isn't very hard to use.

History
Date	User	Action	Args
2011-06-01 07:30:15	skrah	set	recipients: + skrah, loewis, barry, techtonik, tarek, eric.araujo, Arfrever, alexis
2011-06-01 07:30:15	skrah	set	messageid: <1306913415.13.0.571167549516.issue12226@psf.upfronthosting.co.za>
2011-06-01 07:30:14	skrah	link	issue12226 messages
2011-06-01 07:30:14	skrah	create