Martin v. Löwis <mar...@v.loewis.de> added the comment: > By that I mean, sending the ca_file and cert_reqs from the client, > which I believe would be required if you want to verify the server > certificate from the client end [1]. The other clients send only > the cert_file and the key_file.
Ah, you are probably referring to the "server name indication", which is a fairly recent TLS feature. Python does support it, in the server_hostname context field. You never ever send the CA certificate to the server in TLS, AFAIK (except as part of a chain including your own client certificate). ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue13856> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
