[issue21043] Stop reccomending CACert.org in the SSL documentation

Changes by Alex Gaynor : Added file: http://bugs.python.org/file34600/cacert.diff ___ Python tracker ___ ___ Python-bugs-list mailing list Uns

[issue21043] Stop reccomending CACert.org in the SSL documentation

Alex Gaynor added the comment: Removed 2.7 since there's no API for getting the platform certs. -- versions: -Python 2.7 ___ Python tracker ___ _

[issue21043] Stop reccomending CACert.org in the SSL documentation

Alex Gaynor added the comment: I've attempted to modernize the paragraph. -- Added file: http://bugs.python.org/file34599/cacert.diff ___ Python tracker ___ _

[issue21043] Stop reccomending CACert.org in the SSL documentation

Donald Stufft added the comment: It's quite old (that paragraph) likely it was written that way because back then Python didn't have a way to load certificates. -- ___ Python tracker __

[issue21043] Stop reccomending CACert.org in the SSL documentation

Antoine Pitrou added the comment: That whole paragraph in the documentation is weird. Usually, you don't download select root certificates from various CAs, you just elect to trust a predetermined set of root certs (the system ones, usually). I would suggest rewording it and dropping the vario

[issue21043] Stop reccomending CACert.org in the SSL documentation

Changes by Alex Gaynor : -- versions: +Python 2.7, Python 3.4, Python 3.5 ___ Python tracker ___ ___ Python-bugs-list mailing list Uns

[issue21043] Stop reccomending CACert.org in the SSL documentation

Donald Stufft added the comment: I completely agree, it seems less than good to recommend CACert. -- ___ Python tracker ___ ___ Python

[issue21043] Stop reccomending CACert.org in the SSL documentation

New submission from Alex Gaynor: CACert is not in the root trust store on *any* platform that I'm aware of, and has not passed any audits. See http://lwn.net/SubscriberLink/590879/ce23ed7bab68e489/ for more background. In it's place I've added StartSSL, which is included in most (all?) root tr