[Code] SSL Client Authentication with Python OpenID
Kershaw, PJ (Philip)
philip.kershaw at stfc.ac.uk
Tue Jun 2 11:53:59 UTC 2009
Hi all,
I'd like to set up SSL with client authentication between a Relying Party and Provider. The SSL part is straightforward but I'm wondering what would be the best approach to set up client authentication.
I've looked at openid.yadis.discover to see if there is a way of enabling the Relying Party to authenticate the Provider when it retrieves the Yadis document. I noticed the fetchers interface and see it supports both pyCurl and urllib2 based requests. Can I slot in my own customised HTTPS fetcher? I could base it on pyCurl or M2Crypto.urllib2. I want to be able to verify against a given list of CAs and match to a restricted list of certificate distinguished names.
Anyone had any experience trying to do something similar or could advise?
Thanks,
Phil
--
Scanned by iCritical.
More information about the Code
mailing list