Message150118
| Author |
pitrou |
| Recipients |
naif, pitrou |
| Date |
2011年12月22日.22:45:29 |
| SpamBayes Score |
2.637795e-06 |
| Marked as misclassified |
No |
| Message-id |
<1324593933.28.0.35578581684.issue13647@psf.upfronthosting.co.za> |
| In-reply-to |
| Content |
> There is a new "match_hostname" that doesn't implement all the
> required, standard SSL/TLS Client security checks that should be done.
Indeed, as the name indicates, it just checks the hostname.
Please detail what the other security checks are (bonus points if you provide a patch + tests).
> It has been noticed by the well known security researcher Dan Kaminsky
What's the URL for this?
> A) Integrate the Mozilla CA pack into Python, updating it with each
> security release.
I suggest you discuss this on python-dev:
http://mail.python.org/mailman/listinfo/python-dev |
|
History
|
|---|
| Date |
User |
Action |
Args |
| 2011年12月22日 22:45:33 | pitrou | set | recipients:
+ pitrou, naif |
| 2011年12月22日 22:45:33 | pitrou | set | messageid: <1324593933.28.0.35578581684.issue13647@psf.upfronthosting.co.za> |
| 2011年12月22日 22:45:29 | pitrou | link | issue13647 messages |
| 2011年12月22日 22:45:29 | pitrou | create |
|