On Fri, 29 Aug 2014 18:00:50 -0400, Donald Stufft <don...@stufft.io> wrote:
> > On Aug 29, 2014, at 5:42 PM, R. David Murray <rdmu...@bitdance.com> wrote:> > Especially if you want an accelerated change, there must be a way to> > *easily* get back to the previous behavior, or we are going to catch a> > lot of flack. There may be only 7% of public certs that are problematic,> > but I'd be willing to bet you that there are more not-really-public ones> > that are critical to day to day operations *somewhere* :)> > > > wget and curl have 'ignore validation' as a command line flag for a reason.> > > > Right, that’s why I’m on the fence :)> > On one hand, it’s going to break things for some people, (arguably they are> already broken, just silently so, but we’ll leave that argument aside) and a> way to get back the old behavior is good. There are already ways within> the Python code itself, so that’s covered. From outside of the Python code> there are ways if the certificate is untrusted but otherwise valid which are> pretty easy to do. The major “gap” is when you have an actual invalid> certificate due to expiration or hostname or some other such thing.> > On the other hand Python is not wget/curl and the people who are most> likely to be the target for a “I can’t change the code but I need to get the> old behavior back” are people who are likely to not be invoking Python> itself but using something written in Python which happens to be using> Python. IOW they might be executing “foobar” not “python -m foobar”.
Right, so an environment variable is better than a command line switch,
for Python.
> Like I said though, I’m personally fine either way so don’t take this as> being against that particular change!
Ack.
--David
_______________________________________________
Python-Dev mailing list
Pyth...@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: https://mail.python.org/mailman/options/python-dev/python-dev-ml%40activestate.com
Recent Messages in this Thread |
|
Alex Gaynor |
Aug 29, 2014 07:47 pm |
|
David Reid |
Aug 29, 2014 07:56 pm |
|
M.-A. Lemburg |
Aug 29, 2014 08:00 pm |
|
Ethan Furman |
Aug 29, 2014 08:07 pm |
|
Nick Coghlan |
Aug 30, 2014 11:26 pm |
|
Antoine Pitrou |
Aug 31, 2014 01:25 am |
|
R. David Murray |
Aug 31, 2014 02:21 am |
|
Nick Coghlan |
Aug 31, 2014 06:09 am |
|
Donald Stufft |
Aug 31, 2014 06:16 am |
|
Nick Coghlan |
Aug 31, 2014 06:45 am |
|
Cory Benfield |
Aug 31, 2014 10:42 am |
|
R. David Murray |
Aug 31, 2014 02:16 pm |
|
Christian Heimes |
Aug 31, 2014 04:27 pm |
|
Paul Moore |
Aug 31, 2014 05:03 pm |
|
Antoine Pitrou |
Aug 31, 2014 05:29 pm |
|
Paul Moore |
Aug 31, 2014 06:28 pm |
|
Antoine Pitrou |
Aug 31, 2014 06:37 pm |
|
Paul Moore |
Aug 31, 2014 07:12 pm |
|
Antoine Pitrou |
Aug 31, 2014 08:15 pm |
|
Paul Moore |
Aug 31, 2014 08:30 pm |
|
Nick Coghlan |
Aug 31, 2014 09:41 pm |
|
Antoine Pitrou |
Aug 31, 2014 09:53 pm |
|
Christian Heimes |
Aug 31, 2014 09:59 pm |
|
Christian Heimes |
Aug 31, 2014 08:16 pm |
|
Christian Heimes |
Aug 31, 2014 09:43 pm |
|
Nick Coghlan |
Aug 31, 2014 10:10 pm |
|
R. David Murray |
Sep 01, 2014 01:10 am |
|
Nick Coghlan |
Sep 01, 2014 06:05 am |
|
Nick Coghlan |
Sep 02, 2014 10:12 pm |
|
Paul Moore |
Sep 01, 2014 06:07 am |
|
Nick Coghlan |
Sep 01, 2014 06:44 am |
|
Christian Heimes |
Sep 01, 2014 07:13 am |
|
Nick Coghlan |
Sep 01, 2014 08:09 am |
|
Antoine Pitrou |
Sep 01, 2014 12:41 pm |
|
Chris Angelico |
Sep 01, 2014 01:24 pm |
|
Antoine Pitrou |
Sep 01, 2014 01:34 pm |
|
Chris Angelico |
Sep 01, 2014 01:42 pm |
|
Antoine Pitrou |
Sep 01, 2014 01:59 pm |
|
Nick Coghlan |
Sep 01, 2014 02:53 pm |
|
Antoine Pitrou |
Sep 01, 2014 02:57 pm |
|
M.-A. Lemburg |
Sep 08, 2014 08:09 am |
|
Donald Stufft |
Aug 31, 2014 10:15 pm |
|
Nick Coghlan |
Sep 01, 2014 12:06 am |
|
Nick Coghlan |
Aug 31, 2014 06:24 am |
|
Christian Heimes |
Aug 31, 2014 05:23 pm |
|
Donald Stufft |
Aug 29, 2014 08:10 pm |
|
Donald Stufft |
Aug 29, 2014 09:11 pm |
|
R. David Murray |
Aug 29, 2014 09:42 pm |
|
Antoine Pitrou |
Aug 29, 2014 09:57 pm |
|
Donald Stufft |
Aug 29, 2014 10:00 pm |
Re: [Python-Dev] PEP 476: Enabling certificate validation by default! |
R. David Murray |
Aug 29, 2014 10:57 pm |
|
Antoine Pitrou |
Aug 29, 2014 09:55 pm |
|
M.-A. Lemburg |
Aug 29, 2014 09:58 pm |
|
Donald Stufft |
Aug 29, 2014 10:08 pm |
|
Antoine Pitrou |
Aug 29, 2014 10:22 pm |
|
Christian Heimes |
Aug 31, 2014 11:18 am |
|
Alex Gaynor |
Aug 30, 2014 02:44 am |
|
M.-A. Lemburg |
Aug 30, 2014 10:19 am |
|
Antoine Pitrou |
Aug 30, 2014 10:40 am |
|
M.-A. Lemburg |
Aug 30, 2014 10:46 am |
|
Antoine Pitrou |
Aug 30, 2014 10:55 am |
|
M.-A. Lemburg |
Aug 30, 2014 12:03 pm |
|
R. David Murray |
Aug 30, 2014 01:32 pm |
|
M.-A. Lemburg |
Aug 30, 2014 02:20 pm |
|
Steve Dower |
Aug 30, 2014 02:24 pm |
|
Barry Warsaw |
Aug 30, 2014 04:42 pm |
|
Paul Moore |
Aug 30, 2014 10:48 am |
|
Alex Gaynor |
Aug 30, 2014 03:22 pm |
|
Paul Moore |
Aug 30, 2014 03:36 pm |
|
Marko Rauhamaa |
Aug 30, 2014 04:17 pm |
|
Christian Heimes |
Aug 30, 2014 05:21 pm |
|
mar...@v.loewis.de |
Aug 30, 2014 08:03 pm |
|
Stephen J. Turnbull |
Aug 31, 2014 05:53 am |
|
Glyph Lefkowitz |
Sep 02, 2014 09:00 pm |
|
Antoine Pitrou |
Sep 02, 2014 09:32 pm |
|
Alex Gaynor |
Sep 02, 2014 10:16 pm |
|
Antoine Pitrou |
Sep 02, 2014 10:25 pm |
|
Nick Coghlan |
Sep 02, 2014 11:01 pm |
|
David Reid |
Sep 02, 2014 11:06 pm |
|
Nick Coghlan |
Sep 02, 2014 11:28 pm |
|
Glyph Lefkowitz |
Sep 02, 2014 11:47 pm |
|
Donald Stufft |
Sep 03, 2014 12:06 am |
|
Antoine Pitrou |
Sep 03, 2014 12:19 am |
|
Stephen J. Turnbull |
Sep 03, 2014 02:43 am |
|
Cory Benfield |
Sep 03, 2014 08:26 am |
|
Nick Coghlan |
Sep 03, 2014 10:34 am |
|
Antoine Pitrou |
Sep 03, 2014 02:29 pm |
|
Terry Reedy |
Sep 03, 2014 12:59 am |
|
R. David Murray |
Sep 03, 2014 01:29 am |
|
Antoine Pitrou |
Sep 03, 2014 02:31 pm |
|
R. David Murray |
Sep 03, 2014 03:58 pm |
|
Ethan Furman |
Sep 03, 2014 05:09 pm |
|
Alex Gaynor |
Sep 03, 2014 05:15 pm |
|
Ethan Furman |
Sep 03, 2014 05:29 pm |
|
Christian Heimes |
Sep 03, 2014 07:07 pm |
|
R. David Murray |
Sep 03, 2014 07:10 pm |
|
Ethan Furman |
Sep 03, 2014 07:42 pm |
|
Guido van Rossum |
Sep 03, 2014 05:54 pm |
|
Antoine Pitrou |
Sep 03, 2014 06:37 pm |
|
R. David Murray |
Sep 03, 2014 07:06 pm |
|
Guido van Rossum |
Sep 03, 2014 07:11 pm |
|
Nick Coghlan |
Sep 03, 2014 11:19 pm |
|
Antoine Pitrou |
Sep 03, 2014 11:36 pm |
|
Ethan Furman |
Sep 04, 2014 12:00 am |
|
Ethan Furman |
Sep 04, 2014 12:17 am |
|
Nick Coghlan |
Sep 04, 2014 03:11 am |
|
Antoine Pitrou |
Sep 04, 2014 12:39 pm |
|
Nick Coghlan |
Sep 04, 2014 01:31 pm |
|
Donald Stufft |
Sep 03, 2014 06:39 pm |
|
Christian Heimes |
Sep 03, 2014 07:26 pm |
|
Guido van Rossum |
Sep 03, 2014 07:37 pm |
|
Christian Heimes |
Sep 03, 2014 07:50 pm |
|
Alex Gaynor |
Sep 03, 2014 08:37 pm |
|
Benjamin Peterson |
Sep 03, 2014 11:10 pm |
|
Nick Coghlan |
Sep 03, 2014 11:29 pm |
|
Victor Stinner |
Sep 03, 2014 07:37 pm |
|
Christian Heimes |
Sep 03, 2014 07:44 pm |
|
Stephen J. Turnbull |
Sep 03, 2014 10:48 pm |
|
Gregory P. Smith |
Sep 08, 2014 09:35 pm |
|
Glyph Lefkowitz |
Sep 02, 2014 11:21 pm |
|
R. David Murray |
Sep 02, 2014 11:20 pm |
|
Christian Heimes |
Sep 02, 2014 10:41 pm |
|
Nick Coghlan |
Sep 01, 2014 09:31 pm |
|
Christian Heimes |
Sep 01, 2014 05:01 pm |
|
Donald Stufft |
Sep 01, 2014 05:08 pm |
|
Nick Coghlan |
Sep 01, 2014 03:35 pm |
|
Donald Stufft |
Sep 01, 2014 04:48 pm |