Author christian.heimes
Recipients Arfrever, Giovanni.Bajo, alexis, barry, benjamin.peterson, christian.heimes, devin, dstufft, eric.araujo, fdrake, georg.brandl, jwilk, larry, loewis, pitrou, richard, skrah, tarek, techtonik
Date 2013-11-22.21:25:22
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
In-reply-to <>
How about:

- load ca cert from default verify locations
- try connect with CERT_REQUIRED
- print warning when cert validation fails and try again with CERT_NONE
- match hostname otherwise

At least this warns the user about the issue. Is there way to distinguish between CA missing and other failures?

Antoine Pitrou <> schrieb:
>Antoine Pitrou added the comment:
>Well, passive attacks are the easiest to mount by a casual attacker, so
>I think this is important to get in.
>Python tracker <>
Date User Action Args
2013-11-22 21:25:22christian.heimessetrecipients: + christian.heimes, loewis, fdrake, barry, richard, georg.brandl, pitrou, larry, techtonik, benjamin.peterson, tarek, jwilk, eric.araujo, Arfrever, skrah, alexis, devin, Giovanni.Bajo, dstufft
2013-11-22 21:25:22christian.heimeslinkissue12226 messages
2013-11-22 21:25:22christian.heimescreate