mxnet-dev mailing list archives

From kellen sunderland <kellen.sunderl...@gmail.com>
Subject Re: Allow SSL Verification to be off in mx.gluon.utils.download?
Date Wed, 04 Jul 2018 13:50:00 GMT
I'd agree with Sheng and Pedro.  I would also not put a warning message in
place when the function is explicitly called with SSL verification turned
off.  I would assume if the code author intentionally disables verification
that the message being displayed would not provide value.

-Kellen


On Wed, Jul 4, 2018 at 3:42 PM Pedro Larroy <pedro.larroy.lists@gmail.com>
wrote:

> Agree with Sheng. Not always a website has trusted SSL cert, and you might
> still want to download cat and elephant pictures from it. (I checked some
> usages of this function).
>
> On Wed, Jul 4, 2018 at 9:47 AM Marco de Abreu
> <marco.g.abreu@googlemail.com.invalid> wrote:
>
> > Thanks for raising this issue Sheng.
> >
> > My proposal would be to always print a warning message when this function
> > is called with the ssl check disabled. This functionality would be tested
> > by a unit test which mocks the network access.
> >
> > Additionally, I'd like to propose that we set a policy for ourselves that
> > we as MXNet community never submit any code that has this flag disabled
> > and rather ensure that the servers we are using are properly secured with
> > correct ssl certificates.
> >
> > -Marco
> >
> > Sheng Zha <szha.pvg@gmail.com> wrote on Wed, 4 July 2018, 08:58:
> >
> > > Hi,
> > >
> > > This is a follow-up discussion from PR-11546
> > > <https://github.com/apache/incubator-mxnet/pull/11546#pullrequestreview-134215477>
> > > per suggestion from Marco. The proposed approach is to add an option to
> > > allow users who call the download function to explicitly turn off ssl
> > > verification. The default behavior is unchanged (i.e. always verify).
> > > From the comments so far:
> > >
> > > Pros:
> > > Users can use this function to download from trusted links that don't
> > > have proper ssl cert set-up, only by disabling this option explicitly.
> > > Without this option, the download function cannot be used in such case.
> > >
> > > Cons:
> > > Vulnerable to MITM when disabled.
> > >
> > > My take on this is that having such option is better, since download
> > > function can be useful in more scenarios. I'd like to hear from others
> > > if there are scenarios that this approach is absolutely not acceptable.
> > > Thanks.
> > >
> > > -sz
> > >
> >
>
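
Added example, not part of the thread and not MXNet's code: a standard-library sketch of the option under discussion (verification on by default, explicit opt-out), using the warning variant Marco proposed and a unit-test style helper that mocks the network access. The names fetch, build_context, run_mocked, verify_ssl and cafile and the example.invalid URL are assumptions made for illustration; cafile goes slightly beyond the thread by showing how a caller can trust a specific CA or self-signed certificate while keeping verification on.

```python
import ssl
import urllib.request
import warnings
from unittest import mock


def build_context(verify_ssl=True, cafile=None):
    """Return the TLS context for a download; verification stays on unless the caller opts out."""
    if verify_ssl:
        # Default path: certificate chain and hostname are both checked.
        # cafile (hypothetical parameter) adds trust for one CA bundle instead of disabling checks.
        return ssl.create_default_context(cafile=cafile)
    warnings.warn("verify_ssl=False: the server certificate is not checked, "
                  "so the download can be altered in transit (MITM)", stacklevel=3)
    ctx = ssl.create_default_context()
    ctx.check_hostname = False        # must be cleared before verify_mode is relaxed
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def fetch(url, verify_ssl=True, cafile=None):
    """Hypothetical download helper: returns the response body as bytes."""
    ctx = build_context(verify_ssl, cafile)
    with urllib.request.urlopen(url, context=ctx) as resp:
        return resp.read()


def run_mocked(verify_ssl):
    """Call fetch() with urlopen mocked; return (body, TLS context used, warning texts)."""
    fake = mock.MagicMock()
    fake.__enter__.return_value.read.return_value = b"constructed image bytes"
    with mock.patch("urllib.request.urlopen", return_value=fake) as opener, \
            warnings.catch_warnings(record=True) as caught:
        warnings.simplefilter("always")
        body = fetch("https://example.invalid/cat.jpg", verify_ssl=verify_ssl)
    ctx = opener.call_args.kwargs["context"]
    return body, ctx, [str(w.message) for w in caught]


if __name__ == "__main__":
    for flag in (True, False):
        body, ctx, msgs = run_mocked(flag)
        print(flag, ctx.verify_mode, ctx.check_hostname, msgs)
```
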
