New submission from Cory Benfield: In order to perform HTTP Public Key Pinning (HPKP), it's necessary to have access to every certificate in the certificate trust chain. This is because the pinned key may actually be an intermediate or root certificate, rather than the leaf certificate.
PyOpenSSL offers this functionality, and it ought to be a relatively simple enhancement to expose the equivalent function in the stdlib. For more background, see the urllib3 issue tracking the HPKP feature: https://github.com/shazow/urllib3/pull/607 ---------- components: Library (Lib) messages: 242341 nosy: Lukasa priority: normal severity: normal status: open title: Add support for retrieving the certificate chain type: enhancement versions: Python 2.7, Python 3.5, Python 3.6 _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue24107> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
