On 19 October 2013 22:44, Christian Heimes <christ...@python.org> wrote: > Am 19.10.2013 00:56, schrieb Guido van Rossum: > A couple of months I had a long and fruitful discussion with MAL about > the issue. Egenix PyOpenSSL installer comes with a root CA bundle. He > tried a couple of approaches to handle trust settings with OpenSSL > means. Eventually MAL had to split up the bundle into multiple files for > each purpuse, see > http://www.egenix.com/company/news/eGenix-pyOpenSSL-Distribution-0.13.2.1.0.1.5.html > > We should *really* write a PEP about it, specify all details and get a > proper review from real experts. This stuff is super complex and highly > fragile. :(
At the very least, it would be good if you and/or MAL could review the cert verification in pip. PEP 453 makes that kinda important :) Cheers, Nick. -- Nick Coghlan | ncogh...@gmail.com | Brisbane, Australia _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
