Re: Python & SSL

From: jjl@xxxxxxxxx (John J. Lee)
Date: 04 May 2006 17:44:02 +0000

Sybren Stuvel <sybrenUSE@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> writes:

John J. Lee enlightened us with:

Of course, remembering that the first thing to ask in response to
"is it secure?" is "against what?", for lots of purposes it just
doesn't matter that it ignores certificates.

I'm curious. Can you give me an example? AFAIK you need to know who
you're talking to before transmitting sensitive information, otherwise
you could be talking to anybody - and that's just what you wanted to
prevent with the encryption, right?

If Edward hadn't answered I would have said something along the lines
of what he said too, but more than that I just had in mind situations
where, when fetching a web page, the risk (probability and
consequences) of a man-in-the-middle attack doesn't feature much
higher than the risk of getting hit by a piece of debris from outer
space that day. Surprisingly often, it so happens that the people
setting up the web site used https, even though as a user of the site
I don't really care about the encryption or authentication.

That doesn't mean proper certificate handling wouldn't be good to have
(it would), just that installing m2crypto and finding the right docs
isn't necessarily worth the bother.

BTW, I assume the reason the OP (I forgot who that was) didn't have
https support compiled in was just that they didn't have OpenSSL
installed when they typed ./configure (since the Python build process
on unix uses autoconf). Either that or they installed a system
package to get Python (e.g. an .rpm) and the SSL support is is a
separate package (seems unlikely).

John

.

References:
- Python & SSL
  - From: James Stroud
- Re: Python & SSL
  - From: John J. Lee
- Re: Python & SSL
  - From: Sybren Stuvel

Prev by Date: Re: Problem building extension under Cygwin (ImportError: Bad address)
Next by Date: Re: Python for Perl programmers
Previous by thread: Re: Python & SSL
Next by thread: redemo.py with Tkinter
Index(es):
- Date
- Thread

Relevant Pages

Re: Certificate Services help
... server with a different name. ... DCs need certificates to talk to each other? ... aren't using certs, you should revoke all certificates and then uninstall ... Certificate Services without installing it on a different server. ...
(microsoft.public.windows.server.general)
Kerberos Key Distribution Center service hung on starting, ID 7022.
... The Kerberos Key Distribution Center service hung on starting. ... The error originates AFTER I installed two web certificates in IIS to ... ONLY AFTER installing the web certificates, ...
(microsoft.public.windows.server.general)
The Kerberos Key Distribution Center service hung on starting. ID 7022.
... The Kerberos Key Distribution Center service hung on starting. ... The error originates AFTER I installed two web certificates in IIS to ... ONLY AFTER installing the web certificates, ...
(microsoft.public.windows.server.security)
Re: windows mobile setup
... Installing Certificates on Windows Mobile 5 and Windows Mobile 6 ... How to install root certificates on a Windows Mobile-based device ... Describes certificate stores and root certificates in Windows Mobile 5.0. ...
(microsoft.public.windows.server.sbs)
problem with python com and python extensions
... Here is my problem,i have developed a python extension using ... certificates display name,subject and issuer,everything works fine ...
(comp.lang.python)