Re: [Python-Dev] pip SSL

2013-10-26 Thread Donald Stufft
This pull request should solve this https://github.com/pypa/pip/pull/1256 On Oct 20, 2013, at 12:32 AM, Nick Coghlan wrote: > On 20 October 2013 05:46, Ian Cordasco wrote: >> Also the three of us maintaining requests and the author of urllib3 >> are all very conscious that the packaged pem file

Re: [Python-Dev] pip SSL

2013-10-19 Thread Nick Coghlan
On 20 October 2013 05:46, Ian Cordasco wrote: > Also the three of us maintaining requests and the author of urllib3 > are all very conscious that the packaged pem file is outdated. We have > an open issue about how to rebuild it accurately while taking into > consideration (and not including) the

Re: [Python-Dev] pip SSL

2013-10-19 Thread Nick Coghlan
On 20 Oct 2013 06:14, "Glenn Linderman" wrote: > > On 10/19/2013 12:46 PM, Ian Cordasco wrote: >> >> Also the three of us maintaining requests and the author of urllib3 >> are all very conscious that the packaged pem file is outdated. We have >> an open issue about how to rebuild it accurately whi

Re: [Python-Dev] pip SSL

2013-10-19 Thread Glenn Linderman
On 10/19/2013 12:46 PM, Ian Cordasco wrote: Also the three of us maintaining requests and the author of urllib3 are all very conscious that the packaged pem file is outdated. We have an open issue about how to rebuild it accurately while taking into consideration (and not including) the ones that

Re: [Python-Dev] pip SSL

2013-10-19 Thread Ian Cordasco
Also the three of us maintaining requests and the author of urllib3 are all very conscious that the packaged pem file is outdated. We have an open issue about how to rebuild it accurately while taking into consideration (and not including) the ones that have been revoked. Any suggestions you have c

Re: [Python-Dev] pip SSL

2013-10-19 Thread Donald Stufft
One of the reasons we switched to using requests was to help centralize the SSL handling code over to requests. So any issues could be fixed there and we just pull in a newer version of requests. On Oct 19, 2013, at 11:52 AM, Christian Heimes wrote: > Signed PGP part > Am 19.10.2013 16:59, schri

[Python-Dev] pip SSL

2013-10-19 Thread Christian Heimes
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Am 19.10.2013 16:59, schrieb Nick Coghlan: > It's the cert verification in pip that's relevant - the PEP was > updated so that ensurepip itself never talks to the internet. So I > guess that would mean checking the cert verification in pip's > vend