This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author dstufft
Recipients alex, barry, bkabrda, doko, dstufft, janssen, lemburg, ncoghlan, pitrou, r.david.murray, rkuska, vstinner
Date 2015-04-05.20:49:56
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
> I don't consider monkey patching a proper way to configure a Python
> installation.

The point is that that TLS validation on/off isn't conceptually a Python level
configuration option, that's going to be a per application configuration
option. The monkeypatching is simply an escape hatch to give people time to
update their applications (or pressure whoever wrote the application) to
support the configuration option that really belongs at the application
level. It *should* feel improper because the entire concept of a Python level
on/off switch isn't proper and making it feel more proper by adding an official
API or config file for doing it is only giving footguns out to people.
Date User Action Args
2015-04-05 20:49:57dstufftsetrecipients: + dstufft, lemburg, barry, doko, ncoghlan, janssen, pitrou, vstinner, alex, r.david.murray, bkabrda, rkuska
2015-04-05 20:49:56dstufftsetmessageid: <>
2015-04-05 20:49:56dstufftlinkissue23857 messages
2015-04-05 20:49:56dstufftcreate