service-identity 21.1.0

Service identity verification for pyOpenSSL & cryptography.

Use this package if:

• you use pyOpenSSL and don’t want to be MITMed or
• if you want to verify that a PyCA cryptography certificate is valid for a certain hostname or IP address.

service-identity aspires to give you all the tools you need for verifying whether a certificate is valid for the intended purposes.

In the simplest case, this means host name verification. However, service-identity implements RFC 6125 fully and plans to add other relevant RFCs too.

service-identity’s documentation lives at Read the Docs, the code on GitHub.

Release Information

21.1.0 (2021-05-09)

Backward-incompatible changes:

• Python 3.4 is not supported anymore. It has been unsupported by the Python core team for a while now, its PyPI downloads are negligible, and our CI provider removed it as a supported option.

  It’s very unlikely that service-identity will break under 3.4 anytime soon, which is why we do not block its installation on Python 3.4. But we don’t test it anymore and will block it once someone reports breakage.

Deprecations:

none

Changes:

• service_identity.exceptions.VerificationError can now be pickled and is overall more well-behaved as an exception. This raises the requirement of attrs to 19.1.0.

Full changelog.

Authors

service-identity is written and maintained by Hynek Schlawack.

The development is kindly supported by Variomedia AG.

Other contributors can be found in GitHub’s overview.