Message 58535 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	ahasenack
Recipients	ahasenack, gvanrossum, janssen
Date	2007-12-13.15:14:29
SpamBayes Score	0.01525482
Marked as misclassified	No
Message-id	<1197558870.27.0.0210737785058.issue1589@psf.upfronthosting.co.za>
In-reply-to

Content
> do it automatically. Unfortunately, that means that client-side certificate > verification has to be done (it's pointless to look at the data in > unverified certificates), and that means that the client software has to > have an appropriate collection of root certificates to verify against. I But the current API already has this feature: ssl_sock = ssl.wrap_socket(s, ca_certs="/etc/pki/tls/rootcerts/%s" % cert, cert_reqs=ssl.CERT_REQUIRED) So this is already taken care of with ca_certs and cert_reqs, right?

> do it automatically.  Unfortunately, that means that client-side
certificate
> verification has to be done (it's pointless to look at the data in
> unverified certificates), and that means that the client software has to
> have an appropriate collection of root certificates to verify against.  I

But the current API already has this feature:
ssl_sock = ssl.wrap_socket(s, ca_certs="/etc/pki/tls/rootcerts/%s" % cert,
                      cert_reqs=ssl.CERT_REQUIRED)

So this is already taken care of with ca_certs and cert_reqs, right?

History
Date	User	Action	Args
2007-12-13 15:14:30	ahasenack	set	spambayes_score: 0.0152548 -> 0.01525482 recipients: + ahasenack, gvanrossum, janssen
2007-12-13 15:14:30	ahasenack	set	spambayes_score: 0.0152548 -> 0.0152548 messageid: <1197558870.27.0.0210737785058.issue1589@psf.upfronthosting.co.za>
2007-12-13 15:14:30	ahasenack	link	issue1589 messages
2007-12-13 15:14:30	ahasenack	create