This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author njs
Recipients alex, christian.heimes, dstufft, janssen, njs
Date 2017-12-18.23:38:34
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1513640314.98.0.213398074469.issue32359@psf.upfronthosting.co.za>
In-reply-to
Content 
Yeah, I'm not entirely sure whether fixing this is actually doable or worthwhile, but figured I should at least make an issue to discuss :-).

The problem is, in the motivating use case of wanting to be able to reliably convert an SSLContext into some other representation, we really need to be able to get 100% of the configuration out. I think the trust configuration can probably be handled in principle by remembering the arguments to any calls to load_verify_locations, so they can be replayed later. But... that won't work for private keys, because if they're password-protected then replaying a call to load_cert_chain will end up prompting for the password twice. So maybe we really would need a way to pull out the actual private key bits. And if we can't do that, then maybe it's not worth stressing about the other stuff either...
History
Date User Action Args
2017-12-18 23:38:35njssetrecipients: + njs, janssen, christian.heimes, alex, dstufft
2017-12-18 23:38:34njssetmessageid: <1513640314.98.0.213398074469.issue32359@psf.upfronthosting.co.za>
2017-12-18 23:38:34njslinkissue32359 messages
2017-12-18 23:38:34njscreate