diff --git a/pep-0493.txt b/pep-0493.txt index 8a1f3d218..5a56fd116 100644 --- a/pep-0493.txt +++ b/pep-0493.txt @@ -128,7 +128,7 @@ Feature: Configuration API ========================== This change is proposed for inclusion in CPython 2.7.12 and later CPython 2.7.x -releases. It consists of a new ``ssl._verify_https_certificates()`` to specify +releases. It consists of a new ``ssl._https_verify_certificates()`` to specify the default handling of HTTPS certificates in standard library client libraries. It is not proposed to forward port this change to Python 3, so Python 3 @@ -139,14 +139,14 @@ Feature detection ----------------- The marker attribute on the ``ssl`` module related to this feature is the -``ssl._verify_https_certificates`` function itself. +``ssl._https_verify_certificates`` function itself. Specification ------------- -The ``ssl._verify_https_certificates`` function will work as follows:: +The ``ssl._https_verify_certificates`` function will work as follows:: - def _verify_https_certificates(enable=True): + def _https_verify_certificates(enable=True): """Verify server HTTPS certificates by default?""" global _create_default_https_context if enable: @@ -166,11 +166,11 @@ Security Considerations The inclusion of this feature will allow security sensitive applications to include the following forward-compatible snippet in their code:: - if hasattr(ssl, "_verify_https_certificates"): - ssl._verify_https_certificates() + if hasattr(ssl, "_https_verify_certificates"): + ssl._https_verify_certificates() Some developers may also choose to opt out of certificate checking using -``ssl._verify_https_certificates(enable=False)``. This doesn't introduce any +``ssl._https_verify_certificates(enable=False)``. This doesn't introduce any major new security concerns, as monkeypatching the affected internal APIs was already possible. @@ -449,7 +449,7 @@ Feature detection ----------------- There's no specific attribute indicating that this situation applies. Rather, -it is indicated by the ``ssl._verify_https_certificates`` and +it is indicated by the ``ssl._https_verify_certificates`` and ``ssl._https_verify_envvar`` attributes being present in a Python version that is nominally older than Python 2.7.9.