Message 231896 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	desbma
Recipients	alex, benjamin.peterson, christian.heimes, desbma
Date	2014-11-30.16:57:30
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1417366650.32.0.816213076107.issue22959@psf.upfronthosting.co.za>
In-reply-to

Content
I agree that changing a default to something less secure is not something to do lightly, however I think forcing a check that is explicitly disabled is a bug and can be counter productive security wise. People who don't have time to look at the stdlib code, and file bug like this are likely to react with "fuck it, I'll use plain HTTP". By the way, my use case is precisely xmlrpc.

I agree that changing a default to something less secure is not something to do lightly, however I think forcing a check that is explicitly disabled is a bug and can be counter productive security wise.

People who don't have time to look at the stdlib code, and file bug like this are likely to react with "fuck it, I'll use plain HTTP".

By the way, my use case is precisely xmlrpc.

History
Date	User	Action	Args
2014-11-30 16:57:30	desbma	set	recipients: + desbma, christian.heimes, benjamin.peterson, alex
2014-11-30 16:57:30	desbma	set	messageid: <1417366650.32.0.816213076107.issue22959@psf.upfronthosting.co.za>
2014-11-30 16:57:30	desbma	link	issue22959 messages
2014-11-30 16:57:30	desbma	create