Heikki Toivonen <[EMAIL PROTECTED]> added the comment: I would definitely recommend providing as strict as possible hostname verification in the stdlib, but provide application developers a way to override that.
M2Crypto (and TLS Lite, from which I copied the approach to M2Crypto), provide a default post connection checker. See http://svn.osafoundation.org/m2crypto/trunk/M2Crypto/SSL/Connection.py and the set_post_connection_check_callback() as well as http://svn.osafoundation.org/m2crypto/trunk/M2Crypto/SSL/Checker.py. ---------- nosy: +heikki _______________________________________ Python tracker <[EMAIL PROTECTED]> <http://bugs.python.org/issue1589> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
