Message 146579 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	nagle
Recipients	nagle
Date	2011-10-28.21:12:21
SpamBayes Score	3.4775092e-06
Marked as misclassified	No
Message-id	<1319836342.01.0.0498331341848.issue13288@psf.upfronthosting.co.za>
In-reply-to

Content
The SSL module still doesn't return much information from the certificate. SSLSocket.getpeercert only returns a few basic items about the certificate subject. You can't retrieve issuer information, and you can't get the extensions needed to check if a cert is an EV cert. With the latest flaps about phony cert issuers, (another CA compromise hit the news today) it's worth having issuer info available. It was available in the old M2Crypto module, but not in the current Python SSL module. John Nagle

The SSL module still doesn't return much information from the
certificate.  SSLSocket.getpeercert only returns a few basic items
about the certificate subject.  You can't retrieve issuer information,
and you can't get the extensions needed to check if a cert is an EV cert.

With the latest flaps about phony cert issuers, (another CA compromise hit the news today) it's worth having issuer info available.
It was available in the old M2Crypto module, but not in the current Python SSL module.

                                John Nagle

History
Date	User	Action	Args
2011-10-28 21:12:22	nagle	set	recipients: + nagle
2011-10-28 21:12:22	nagle	set	messageid: <1319836342.01.0.0498331341848.issue13288@psf.upfronthosting.co.za>
2011-10-28 21:12:21	nagle	link	issue13288 messages
2011-10-28 21:12:21	nagle	create