This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author vstinner
Recipients gregory.p.smith, martin.panter, orange, serhiy.storchaka, vstinner, ware, xiang.zhang, xtreak
Date 2019-04-10.22:05:48
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1554933948.96.0.217277863985.issue30458@roundup.psfhosted.org>
In-reply-to
Content 
> Will this break something in the world other than our own test_xmlrpc test?  Probably. Do they have a right to complain about it?  Not one we need listen to.

I understand. But. Can we consider that for old Python versions like Python 2.7 and 3.5?

This change will be applied to all supported Python versions.

I recall that when Python 2.7 started to validate TLS certificate, the change broke some applications. Are these applications badly written? Yes! But well, "it worked well before". Sometimes, when you work in a private network, the security matters less, whereas it might be very expensive to fix a legacy application. At Red Hat, we developed a solution to let customers to opt-out from this fix (to no validate TLS certificates), because it is just too expensive for customers to fix their legacy code but they would like to be able to upgrade RHEL.

One option to not validate URLs is to downgrade Python, but I'm not sure that it's the best compromise :-/
History
Date User Action Args
2019-04-10 22:05:49vstinnersetrecipients: + vstinner, gregory.p.smith, martin.panter, serhiy.storchaka, xiang.zhang, orange, xtreak, ware
2019-04-10 22:05:48vstinnersetmessageid: <1554933948.96.0.217277863985.issue30458@roundup.psfhosted.org>
2019-04-10 22:05:48vstinnerlinkissue30458 messages
2019-04-10 22:05:48vstinnercreate