[Twisted-Python] Re: SSL + AMP
David Bolen
db3l.net at gmail.com
Fri Mar 21 16:56:26 EDT 2008
Nathan <nathan.stocks at gmail.com> writes:
> On Wed, Mar 19, 2008 at 3:09 PM, <glyph at divmod.com> wrote:
>> If you could give some explanation of the security properties you expect
>> (how do you intend for the client and server to exchange information
>> about who they "really" are?) then we might be able to offer more direct
>> guidance.
>
> The security properties that I want are:
>
> 1) My client and my server refuse to establish SSL (or any other type
> of) connections with anybody but each other.
> 2) My client and server do establish SSL connections with each other.
>
> Pretty simple in concept, really. I'll go read the API docs like you
> suggested...
I posted a while back a small sample of how to handle that for a
general Twisted protocol that might be of some help, or point you in
the right direction as well.
http://twistedmatrix.com/pipermail/twisted-python/2007-August/015935.html
(Note the followup messages that clarify an erroneous "False" left in
the original posted code)
This works fine with just normal CA/server/client certificates created
through the standard OpenSSL process and tools.
-- David
More information about the Twisted-Python
mailing list