Complete.Org: Mailing Lists: Archives: offlineimap: September 2007:
Re: SSL certificate verification ?

Re: SSL certificate verification ?

[Top] [All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]

To:	offlineimap@xxxxxxxxxxxx
Subject:	Re: SSL certificate verification ?
From:	intrigeri <intrigeri@xxxxxxxx>
Date:	Sat, 15 Sep 2007 13:32:58 +0200

Hello,

John Goerzen wrote (04 Sep 2007 20:53:59 GMT) :
>> is it possible to ask offlineimap to verify the IMAP server's SSL
>> certificate against a trusted CA, in order to prevent
>> man-in-the-middle attacks ?
>>
>> If not, I might write a patch providing such an option, if the SSL
>> implementation used by offlineimap allows it.

> Originally, Python's standard SSL module did not support this.
> The non-standard ssleay module would.

> If this is different today, I would welcome such a patch.

Such support entered Python SVN trunk two weeks ago, and will be in
Python 2.6 :
http://mail.python.org/pipermail/python-checkins/2007-August/061867.html
The related doc is there : http://docs.python.org/dev/library/ssl.html

I=E2=80=99ll have a look and may write the needed patch, if and only if I c=
an
find a clean way to run Python SVN on Debian lenny.

Ciao,
--=20
  intrigeri <intrigeri@xxxxxxxx>
  | gnupg key @ http://intrigeri.boum.org/intrigeri.asc
  | Did you exchange a walk on part in the war
  | for a lead role in the cage?

[Prev in Thread]

Current Thread

[Next in Thread]

SSL certificate verification ?, intrigeri, 2007/09/04
- Re: SSL certificate verification ?, John Goerzen, 2007/09/04
  - Re: SSL certificate verification ?, intrigeri <=

Prev by Date: Re: Local copy of message corrupt
Next by Date: Assorted patches
Previous by thread: Re: SSL certificate verification ?
Next by thread: Re: Synchronization Issue (Folders not deleted)
Index(es):
- Date
- Thread