Jeffrey Gaynor wrote:
> A final question -- how widely is M2Crypto used? Since I will have to now
> pitch
>to our group that this is preferable the first questions they will ask
are about
>stability, who is using it and how secure is it really, especially
since it is
>at version 0.20.2 (i.e. no m
David Robinow wrote:
Never
use security software version 1.0 or greater. It was written by an
author insufficiently paranoid.
Hmmm. So to get people to trust your security software, you
should start with version 0.0 and increment by 0.001
for each release. :-)
--
Greg
--
http://mail.python
On Thu, Jul 29, 2010 at 9:13 AM, Antoine Pitrou wrote:
> On Wed, 28 Jul 2010 22:23:48 -0700
> geremy condra wrote:
>> >
>> > The new Python SSL module in 2.6 and later has a huge built-in
>> > security hole - it doesn't verify the domain against the
>> > certificate. As someone else put it, th
On Wed, 28 Jul 2010 22:23:48 -0700
geremy condra wrote:
> >
> > The new Python SSL module in 2.6 and later has a huge built-in
> > security hole - it doesn't verify the domain against the
> > certificate. As someone else put it, this means "you get to
> > talk securely with your attacker." As l
On 7/28/2010 10:23 PM, geremy condra wrote:
On Wed, Jul 28, 2010 at 10:08 PM, John Nagle wrote:
On 7/28/2010 6:26 PM, geremy condra wrote:
On Wed, Jul 28, 2010 at 4:41 PM, Jeffrey
Gaynorwrote:
The new Python SSL module in 2.6 and later has a huge built-in
security hole - it doesn't
> I know very little about security, but one thing I think I know. Never
> use security software version 1.0 or greater. It was written by an
> author insufficiently paranoid.
OpenSSL 1.0.0a was released about a month ago. ;)
--
http://mail.python.org/mailman/listinfo/python-list
On Thu, Jul 29, 2010 at 10:07 AM, Jeffrey Gaynor wrote:
> ...
> A final question -- how widely is M2Crypto used? Since I will have to now
> pitch to our group that this is preferable the first questions they will ask
> are about stability, who is using it and how secure is it really, especially
0.20.2 (i.e. no major release yet).
Thanks again!
Jeff
- Original Message -
From: "John Nagle"
To: python-list@python.org
Sent: Thursday, July 29, 2010 12:08:57 AM
Subject: Re: Newbie question regarding SSL and certificate verification
On 7/28/2010 6:26 PM, geremy condra w
On Wed, Jul 28, 2010 at 10:08 PM, John Nagle wrote:
> On 7/28/2010 6:26 PM, geremy condra wrote:
>>
>> On Wed, Jul 28, 2010 at 4:41 PM, Jeffrey
>> Gaynor wrote:
>>>
>>> Hi,
>>>
>>> I am making a first large project in python and am having quite a
>>> bit of difficulty unscrambling various python
On 7/28/2010 6:26 PM, geremy condra wrote:
On Wed, Jul 28, 2010 at 4:41 PM, Jeffrey
Gaynor wrote:
Hi,
I am making a first large project in python and am having quite a
bit of difficulty unscrambling various python versions and what
they can/cannot do. To wit, I must communicate with certain
se
On Wed, Jul 28, 2010 at 4:41 PM, Jeffrey Gaynor wrote:
> Hi,
>
> I am making a first large project in python and am having quite a bit of
> difficulty unscrambling various python versions and what they can/cannot do.
> To wit, I must communicate with certain services via https and am required to
Hi,
I am making a first large project in python and am having quite a bit of
difficulty unscrambling various python versions and what they can/cannot do. To
wit, I must communicate with certain services via https and am required to
perform certificate verification on them.
The problem is that
12 matches
Mail list logo
