Message 71586 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	heikki
Recipients	ahasenack, heikki, janssen, vila
Date	2008-08-20.22:52:14
SpamBayes Score	0.00010482343
Marked as misclassified	No
Message-id	<1219272735.73.0.805807230774.issue1589@psf.upfronthosting.co.za>
In-reply-to

Content
I would think most people/applications want to know to which host they are talking to. The reason I am advocating adding a default check to the stdlib is because this is IMO important for security, and it is easy to get it wrong (I don't think I have it 100% correct in M2Crypto either, although I believe it errs on the side of caution). I believe it would be a disservice to ship something that effectively teaches developers to ignore security (like the old socket.ssl does). A TLS extension also allows SSL vhosts, so static IPs are no longer strictly necessary (this is not universally supported yet, though).

I would think most people/applications want to know to which host they
are talking to. The reason I am advocating adding a default check to the
stdlib is because this is IMO important for security, and it is easy to
get it wrong (I don't think I have it 100% correct in M2Crypto either,
although I believe it errs on the side of caution). I believe it would
be a disservice to ship something that effectively teaches developers to
ignore security (like the old socket.ssl does).

A TLS extension also allows SSL vhosts, so static IPs are no longer
strictly necessary (this is not universally supported yet, though).

History
Date	User	Action	Args
2008-08-20 22:52:16	heikki	set	recipients: + heikki, janssen, vila, ahasenack
2008-08-20 22:52:15	heikki	set	messageid: <1219272735.73.0.805807230774.issue1589@psf.upfronthosting.co.za>
2008-08-20 22:52:15	heikki	link	issue1589 messages
2008-08-20 22:52:14	heikki	create