Stefan Krah <stefan-use...@bytereef.org> added the comment: > Distutils doesn't validate PyPI server certificate, so this change > doesn't prevent from MITM attacks, but at least it makes package > submissions over wireless channels and public networks safer.
Is that so? It's been a while, but I think e.g. ettercap is a highly automated tool for MITM attacks that isn't very hard to use. ---------- nosy: +skrah _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue12226> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
