This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author pitrou
Recipients christian.heimes, pitrou
Date 2013-02-04.17:07:19
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1858917529.8294643.1359997633369.JavaMail.root@zimbra10-e2.priv.proxad.net>
In-reply-to <1359994472.8.0.804183286731.issue17123@psf.upfronthosting.co.za>
Content
Can you explain how OCSP helps prevent MITM attacks?

----- Mail original -----
> De: "Christian Heimes" <report@bugs.python.org>
> À: pitrou@free.fr
> Envoyé: Lundi 4 Février 2013 17:14:32
> Objet: [issue17123] Add OCSP support to ssl module
> 
> 
> New submission from Christian Heimes:
> 
> Python's ssl module doesn't support OCSP [1]. The example code at [2]
> doesn't look too complicated. We should consider OCSP at least for
> 3.4 and may want to backport it to older versions to prevent MITM
> attacks on PyPI downloads.
History
Date User Action Args
2013-02-04 17:07:19pitrousetrecipients: + pitrou, christian.heimes
2013-02-04 17:07:19pitroulinkissue17123 messages
2013-02-04 17:07:19pitroucreate