mxnet-dev mailing list archives

From Thomas DELTEIL <thomas.delte...@gmail.com>
Subject Re: Allow SSL Verification to be off in mx.gluon.utils.download?
Date Wed, 04 Jul 2018 14:44:54 GMT
Agree that we should never push code that has a download with the flag
disabled. But I don't see a problem having a flag to disable ssl
verification if users want to put themselves at risk. I don't think a
warning is necessary as long as the API wording is scary enough.

All the best,

Thomas

On Wed, Jul 4, 2018, 06:50 kellen sunderland <kellen.sunderland@gmail.com>
wrote:

> I'd agree with Sheng and Pedro.  I would also not put a warning message in
> place when the function is explicitly called with SSL verification turned
> off.  I would assume if the code author intentionally disables verification
> that the message being displayed would not provide value.
>
> -Kellen
>
>
> On Wed, Jul 4, 2018 at 3:42 PM Pedro Larroy <pedro.larroy.lists@gmail.com>
> wrote:
>
> > Agree with Sheng. Not always a website has a trusted SSL cert, and you
> > might still want to download cat and elephant pictures from it. (I
> > checked some usages of this function).
> >
> > On Wed, Jul 4, 2018 at 9:47 AM Marco de Abreu
> > <marco.g.abreu@googlemail.com.invalid> wrote:
> >
> > > Thanks for raising this issue Sheng.
> > >
> > > My proposal would be to always print a warning message when this
> > > function is called with the ssl check disabled. This functionality
> > > would be tested by a unit test which mocks the network access.
> > >
> > > Additionally, I'd like to propose that we set a policy for ourselves
> > > that we as MXNet community never submit any code that has this flag
> > > disabled and rather ensure that the servers we are using are properly
> > > secured with correct ssl certificates.
> > >
> > > -Marco
> > >
> > > Sheng Zha <szha.pvg@gmail.com> wrote on Wed, 4 Jul 2018, 08:58:
> > >
> > > > Hi,
> > > >
> > > > This is a follow-up discussion from PR-11546
> > > > <https://github.com/apache/incubator-mxnet/pull/11546#pullrequestreview-134215477>
> > > > per suggestion from Marco. The proposed approach is to add an option
> > > > to allow users who call the download function to explicitly turn off
> > > > ssl verification. The default behavior is unchanged (i.e. always
> > > > verify). From the comments so far:
> > > >
> > > > Pros:
> > > > Users can use this function to download from trusted links that don't
> > > > have proper ssl cert set-up, only by disabling this option explicitly.
> > > > Without this option, the download function cannot be used in such a
> > > > case.
> > > >
> > > > Cons:
> > > > Vulnerable to MITM when disabled.
> > > >
> > > > My take on this is that having such an option is better, since the
> > > > download function can be useful in more scenarios. I'd like to hear
> > > > from others if there are scenarios where this approach is absolutely
> > > > not acceptable.
> > > > Thanks.
> > > >
> > > > -sz
> > > >
> > >
> >
>
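The design the thread converges on (an explicit, default-on verification flag, a warning when it is switched off, and a unit test that mocks network access) is sketched below as an added example. This is not MXNet's `mx.gluon.utils.download` nor code from any participant: the `_urlopen` parameter is a hypothetical injection point for mocking, the URL is a placeholder, the payload is constructed, and the optional `sha1_hash` argument is included as a complementary integrity check that still holds when certificate verification has been turned off.

```python
"""Added example (not MXNet code): a download helper with an explicit,
default-on SSL verification flag, a warning when it is turned off, and an
offline check that mocks network access."""
import hashlib
import ssl
import urllib.request
import warnings


def _ssl_context(verify_ssl):
    """Build the TLS context for the request.

    verify_ssl=True (the default) keeps certificate and hostname checks.
    verify_ssl=False clears both; the caller has explicitly accepted MITM risk.
    """
    ctx = ssl.create_default_context()
    if not verify_ssl:
        # check_hostname must be cleared before verify_mode can be CERT_NONE.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


def download(url, verify_ssl=True, sha1_hash=None,
             _urlopen=urllib.request.urlopen):
    """Fetch url and return the response bytes.

    sha1_hash: optional expected digest; a mismatch raises ValueError.
    _urlopen: hypothetical injection point so a test can mock the network.
    """
    if not verify_ssl:
        warnings.warn(
            "SSL certificate verification is disabled for %s; the download "
            "is vulnerable to man-in-the-middle attacks" % url,
            RuntimeWarning, stacklevel=2)
    with _urlopen(url, context=_ssl_context(verify_ssl)) as resp:
        data = resp.read()
    if sha1_hash is not None:
        actual = hashlib.sha1(data).hexdigest()
        if actual != sha1_hash:
            raise ValueError("sha1 mismatch for %s: expected %s, got %s"
                             % (url, sha1_hash, actual))
    return data


class _FakeResponse:
    """Minimal stand-in for the object urlopen returns."""

    def __init__(self, payload):
        self._payload = payload

    def read(self):
        return self._payload

    def __enter__(self):
        return self

    def __exit__(self, *exc):
        return False


def _fake_urlopen(payload, seen):
    """Return a mock urlopen that serves payload and records the ssl context."""
    def fake(url, context=None):
        seen["url"] = url
        seen["context"] = context
        return _FakeResponse(payload)
    return fake


def run_mock_checks():
    """Exercise both flag settings offline; return what was observed."""
    payload = b"constructed sample image bytes"  # constructed test data
    url = "https://example.invalid/cat.jpg"      # placeholder URL
    good_hash = hashlib.sha1(payload).hexdigest()
    result = {}

    for verify in (True, False):
        seen = {}
        with warnings.catch_warnings(record=True) as caught:
            warnings.simplefilter("always")
            data = download(url, verify_ssl=verify, sha1_hash=good_hash,
                            _urlopen=_fake_urlopen(payload, seen))
        ctx = seen["context"]
        result["verify" if verify else "noverify"] = {
            "data_ok": data == payload,
            "check_hostname": ctx.check_hostname,
            "cert_required": ctx.verify_mode == ssl.CERT_REQUIRED,
            "warned": any(w.category is RuntimeWarning for w in caught),
        }

    # Tampered content is still rejected by the digest with verification off.
    with warnings.catch_warnings():
        warnings.simplefilter("ignore")
        try:
            download(url, verify_ssl=False, sha1_hash="0" * 40,
                     _urlopen=_fake_urlopen(payload, {}))
            result["tamper_rejected"] = False
        except ValueError:
            result["tamper_rejected"] = True
    return result


if __name__ == "__main__":
    for name, observed in run_mock_checks().items():
        print(name, observed)
```

The mock records the `SSLContext` handed to the transport, so the test can assert on the security property itself (hostname checking and `CERT_REQUIRED` kept by default, dropped only on explicit opt-out) rather than on log text, which is what makes the warning behaviour testable without touching the network.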
