[hcs-d] how to validate ssl certificates correctly with python?

Zak Stone zstone at gmail.com
Sat Jan 28 22:50:04 EST 2012

Hello everyone,

I would like to allow a Python client to communicate securely via
HTTPS with a server I control that has a valid SSL certificate.
Unfortunately, it turns out that the relevant standard library
functions in Python 2.x do not attempt to validate a server's SSL
certificate _at all_, as you can see from the warnings in the
documentation below, which means that these functions are vulnerable
to man-in-the-middle attacks:


The folks at Stack Overflow suggest a variety of work-arounds,
including backporting the match_hostname function that was added to
the ssl module in Python 3.2:


More detailed information is available from the fellow who currently
maintains M2Crypto:


However, security is complicated, and I find the history of
catastrophic security failures caused by incorrect usage of TLS/SSL
sufficiently disturbing to seek expert advice. For example, it appears
that iOS allowed transparent man-in-the-middle decryption of encrypted
transmissions until last July:


This particular attack centered around Apple's failure to check the
"Basic Constraints" (or basicConstraints) fields in certificate
chains. This problem has surfaced before as well -- Moxie Marlinspike
seems to have found a similar vulnerability in Internet Explorer in


Unfortunately, it isn't obvious to me whether the use of
match_hostname or M2Crypto in Python will prevent this Basic
Constraints attack, and it is even more difficult to determine whether
the Python approaches to certificate validation referenced above cover
other known exploits.

Would anyone be so kind as to share the Right Way for a Python client
to communicate securely with a server over HTTPS?

Many thanks,

More information about the hcs-discuss mailing list