This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author janssen
Recipients ahasenack, heikki, janssen, vila
Date 2008-09-11.16:04:03
SpamBayes Score 4.56873e-12
Marked as misclassified No
Message-id <4b3e516a0809110903y56c9bf58xc5551427a1192413@mail.gmail.com>
In-reply-to <1221114270.43.0.500989682044.issue1589@psf.upfronthosting.co.za>
Content
I think that, where it's appropriate, you can do that.  Just don't put it in
the SSL module.

Bill

On Wed, Sep 10, 2008 at 11:24 PM, Heikki Toivonen <report@bugs.python.org>wrote:

>
> Heikki Toivonen <hjtoi-bugzilla@comcast.net> added the comment:
>
> Ok, thank you for clarifications. Now I understand why the hostname
> checking isn't the solution that fits every problem. I am still not
> completely clear how you'd do the checking otherwise, for example to
> verify the service you are talking to is what you think it is.
>
> But still, I think dealing with email servers is another common use case
> where hostname check is adequate most of the time. I am sure there are
> other cases like this. Therefore I am still of the opinion that the
> default should be to do the hostname check. Yes, make it overridable,
> but doing the check is safer than not doing any checking IMO because
> even if the check is incorrect for a certain purpose the developer is
> likely to notice an error quickly and inclined to do some other security
> check instead of not doing anything and thinking they have a secure system.
>
> If you want to continue the discussion, we should maybe take this to
> some other forum, like comp.lang.python.
>
> _______________________________________
> Python tracker <report@bugs.python.org>
> <http://bugs.python.org/issue1589>
> _______________________________________
>
Files
File name Uploaded
unnamed janssen, 2008-09-11.16:04:01
History
Date User Action Args
2008-09-11 16:04:48janssensetrecipients: + janssen, vila, heikki, ahasenack
2008-09-11 16:04:03janssenlinkissue1589 messages
2008-09-11 16:04:03janssencreate