Revision - e257574 - bpo-31432: Clarify ssl CERT_NONE/OPTIONAL/REQUIRED docs. [...]

Staging
v0.8.1

Revision e25757408dc22561af9f9589c2c7e2a2fbb66ee4 authored by Ned Deily on 12 June 2018, 01:44:58 UTC, committed by GitHub on 12 June 2018, 01:44:58 UTC

bpo-31432: Clarify ssl CERT_NONE/OPTIONAL/REQUIRED docs. (GH-3530) (GH-7652)

The documentation for CERT_NONE, CERT_OPTIONAL, and CERT_REQUIRED were
misleading and partly wrong. It fails to explain that OpenSSL behaves
differently in client and server mode. Also OpenSSL does validate the
cert chain everytime. With SSL_VERIFY_NONE a validation error is not
fatal in client mode and does not request a client cert in server mode.
Also discourage people from using CERT_OPTIONAL in client mode.

1 parent 2023eaf

Files
Changes

Permalinks

3.5.2.rst

.. bpo: 26930
.. date: 8636
.. nonce: 9JUeSD
.. release date: 2016-06-26
.. section: Core and Builtins

Update Windows builds to use OpenSSL 1.0.2h.

..

.. bpo: 26867
.. date: 8635
.. nonce: QPSyP5
.. section: Tests

Ubuntu's openssl OP_NO_SSLv3 is forced on by default; fix test.

..

.. bpo: 27365
.. date: 8634
.. nonce: ipkJ_M
.. section: IDLE

Allow non-ascii in idlelib/NEWS.txt - minimal part for 3.5.2.

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...