Message 181343 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	dstufft
Recipients	christian.heimes, dstufft, eric.araujo, gregory.p.smith, gvanrossum, hynek, loewis, pitrou, tarek
Date	2013-02-04.16:19:34
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1359994775.0.0.844896776088.issue17121@psf.upfronthosting.co.za>
In-reply-to

Content
CACert is not proper irregardless of what that projects goals are. It is not trusted by default therefore it does not provide the same level of security in the browser (Very few people will bother to look at the difference between a CACert and a self signed cert). Further more I don't believe you'll be able to use HSTS with it at all making SSL Stripping a very easy avenue to a MITM.

CACert is not *proper* irregardless of what that projects goals are. It is not trusted by default therefore it does not provide the same level of security in the browser (Very few people will bother to look at the difference between a CACert and a self signed cert). Further more I don't believe you'll be able to use HSTS with it at all making SSL Stripping a very easy avenue to a MITM.

History
Date	User	Action	Args
2013-02-04 16:19:35	dstufft	set	recipients: + dstufft, gvanrossum, loewis, gregory.p.smith, pitrou, christian.heimes, tarek, eric.araujo, hynek
2013-02-04 16:19:35	dstufft	set	messageid: <1359994775.0.0.844896776088.issue17121@psf.upfronthosting.co.za>
2013-02-04 16:19:34	dstufft	link	issue17121 messages
2013-02-04 16:19:34	dstufft	create