STINNER Victor added the comment: > So this seems to be a function that just gets the certificate? You need to > be careful with this since a server could perfectly decide to send a > different certificate depending on the client hello it receives. (...) In any > case, you should always use SSLv23, stop supporting anything else.
I don't understand. You say that depending on the protocol, you may get a different certificate, and then that we should stop supporting multiple protocol. Does it mean that you ask to remove a Python feature? Even if it is technically possible to return a different certificate, I don't think that much servers will return a different certificate if the client uses SSLv23 instead of SSLv3. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue22935> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com