[RFC] Default to urllib http implementation.
Colin D Bennett
colin at gibibit.com
Tue May 19 03:47:26 BST 2009
Toshio Kuratomi wrote on Monday 18 May 2009:
> On 05/18/2009 05:25 PM, Jelmer Vernooij wrote:
> Do people feel that man-in-the-middle attacks between the client and a
> remote repository is a problem that bzr wants to prevent? If so, that
> is currently taken care of by pycurl and urllib would need additional
> code to handle it.
I don't understand. Any SSL connection should prevent man-in-the-middle
attacks, right?
> Note that the problem that jogged your memory on this is just an aspect
> of the third feature I listed. For pycurl to handle the case where the
> server's certificate is invalid (self-signed, out-of-date, for a
> different host, etc), bzr could grow an --insecure option that turns off
> the host certificate check. This should be easier to code than an
> option to turn on checking for urllib.
I would *not* want to turn off the host certificate check; that defeats the
point of using a secure connection in the first place. I would want to
instead *trust* the server certificate.
It sounds like pycurl's problem is that it has no good way for a user to trust
a certificate that is not signed by the standard list of CAs.
Regards,
Colin
More information about the bazaar
mailing list