[Twisted-Python] Re: SSL + AMP
db3l.net at gmail.com
Fri Mar 21 16:56:26 EDT 2008
Nathan <nathan.stocks at gmail.com> writes:
> On Wed, Mar 19, 2008 at 3:09 PM, <glyph at divmod.com> wrote:
>> If you could give some explanation of the security properties you expect
>> (how do you intend for the client and server to exchange information
>> about who they "really" are?) then we might be able to offer more direct
> The security properties that I want are:
> 1) My client and my server refuse to establish SSL (or any other type
> of) connections with anybody but each other.
> 2) My client and server do establish SSL connections with each other.
> Pretty simple in concept, really. I'll go read the API docs like you
I posted a while back a small sample of how to handle that for a
general Twisted protocol that might be of some help, or point you in
the right direction as well.
(Note the followup messages that clarify an erroneous "False" left in
the original posted code)
This works fine with just normal CA/server/client certificates created
through the standard OpenSSL process and tools.
More information about the Twisted-Python