Antoine Pitrou added the comment: getpeercert() has a crappy API to begin with, but we can't change its behaviour for fear of breaking existing code (and, even, breaking it security-wise). Adding a parameter would make the API even more awful.
Which is why I support Christian's idea of exposing a new API, either: - to expose the full cert chain (even if not validated) - or to set the cert verify callback ---------- nosy: +pitrou _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue18293> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
