Author christian.heimes
Recipients christian.heimes, pitrou
Date 2013-02-04.16:14:32
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1359994472.8.0.804183286731.issue17123@psf.upfronthosting.co.za>
In-reply-to
Content
Python's ssl module doesn't support OCSP [1]. The example code at [2] doesn't look too complicated. We should consider OCSP at least for 3.4 and may want to backport it to older versions to prevent MITM attacks on PyPI downloads.


[1]http://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol)
[2] http://etutorials.org/Programming/secure+programming/Chapter+10.+Public+Key+Infrastructure/10.12+Checking+Revocation+Status+via+OCSP+with+OpenSSL/
History
Date User Action Args
2013-02-04 16:14:32christian.heimessetrecipients: + christian.heimes, pitrou
2013-02-04 16:14:32christian.heimessetmessageid: <1359994472.8.0.804183286731.issue17123@psf.upfronthosting.co.za>
2013-02-04 16:14:32christian.heimeslinkissue17123 messages
2013-02-04 16:14:32christian.heimescreate