It's been called the "most dangerous code in the world." SSL certificates and key signing, if verified improperly, can expose your code and your users to man-in-the-middle attacks. As we saw with the Apple SSL flaw, such improper handling truly is "goto fail;"
Jim Baker will use examples from Jython's socket-reboot project, which supports the OpenSSL-based API in Python on top of the Java security model. We will also look at certificate pinning as a defense against compromised certificate authorities. Our focus throughout will be how to write robust code that avoids the dangers.