Path: csiph.com!usenet.pasdenom.info!news.albasani.net!feeder.erje.net!1.eu.feeder.erje.net!bcyclone04.am1.xlned.com!bcyclone04.am1.xlned.com!newsfeed.xs4all.nl!newsfeed3a.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.102 X-Spam-Level: * X-Spam-Evidence: '*H*': 0.80; '*S*': 0.00; 'subject:Python': 0.05; "'''": 0.09; 'normally,': 0.09; 'security.': 0.09; 'python': 0.11; 'blame': 0.16; 'certs': 0.16; 'from:addr:torriem': 0.16; 'from:name:michael torrie': 0.16; 'language:': 0.16; 'reedy': 0.16; 'wrote:': 0.16; 'browsers': 0.22; 'programming': 0.23; 'header:In-Reply-To:1': 0.24; 'tim': 0.24; 'header:User-Agent:1': 0.26; 'not.': 0.27; 'asked': 0.28; 'subject:other': 0.29; 'terry': 0.29; 'program,': 0.29; 'sense': 0.29; 'connection': 0.30; 'that.': 0.30; "can't": 0.32; 'subject:all': 0.32; 'message- id:@gmail.com': 0.35; 'to:addr:python-list': 0.35; 'adds': 0.35; 'false': 0.35; 'identity': 0.35; 'something': 0.35; "isn't": 0.35; 'but': 0.36; 'created': 0.36; '(and': 0.36; 'subject:: ': 0.37; 'rather': 0.38; 'received:org': 0.38; 'pm,': 0.39; 'to:addr:python.org': 0.39; 'received:192': 0.39; 'why': 0.40; 'some': 0.40; 'your': 0.60; 'confirm': 0.61; 'personally': 0.61; 'trusted': 0.62; 'more': 0.62; 'charset:windows-1252': 0.65; 'secure.': 0.66; 'subject:have': 0.80; 'browser.': 0.81; 'inherent': 0.84; "site's": 0.84; "they'd": 0.84; 'subject:you': 0.88; 'secured': 0.91; 'verified.': 0.93; 'authorities': 0.95 X-Virus-Scanned: amavisd-new at torriefamily.org Date: Fri, 22 May 2015 21:31:14 -0600 From: Michael Torrie User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0 MIME-Version: 1.0 To: python-list@python.org Subject: Re: Ah Python, you have spoiled me for all other languages References: <555f440a$0$12990$c3e8da3$5496439d@news.astraweb.com> <555FA253.3020304@tundraware.com> In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.20+ Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 31 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1432352224 news.xs4all.nl 2910 [2001:888:2000:d::a6]:47625 X-Complaints-To: abuse@xs4all.nl X-Received-Bytes: 4423 X-Received-Body-CRC: 2631952653 Xref: csiph.com comp.lang.python:91090 On 05/22/2015 07:54 PM, Terry Reedy wrote: > On 5/22/2015 5:40 PM, Tim Daneliuk wrote: > >> Lo these many years ago, I argued that Python is a whole lot more than >> a programming language: >> >> https://www.tundraware.com/TechnicalNotes/Python-Is-Middleware/ > > Perhaps something at tundraware needs updating. > ''' > This Connection is Untrusted > > You have asked Firefox to connect securely to www.tundraware.com, but we > can't confirm that your connection is secure. > > Normally, when you try to connect securely, sites will present trusted > identification to prove that you are going to the right place. However, > this site's identity can't be verified. > ''' Sigh. I blame this as much on the browser. There's no inherent reason why a connection to a site secured with a self-signed certificate is insecure. In fact it's definitely not. Browsers need a better way to deal with self-signed certs, but I think they'd rather we all just pay up to the cert authorities and buy some false sense of security. Personally I created my own CA with the wonderful xca program, and sign all my certs with that. If a person adds my CA certificate to their browser, then my sites are trusted (and verified). But for a public web page this isn't very automatic.