Holes discovered in SSL certificate validation
Holes discovered in SSL certificate validation
Posted Nov 1, 2012 18:59 UTC (Thu) by robert_s (subscriber, #42402)Parent article: Holes discovered in SSL certificate validation
"In fact, Python's urllib, urllib2, and httplib documentation warns that no certificate checking is done by the libraries"
It is of course possible to make them do so using an approach similar to http://web.archive.org/web/20110125104752/http://www.much... (original url disappeared)
Though of course its not just working by default is the major failure here.