kennethreitz.org / Essays / 2014 / Introducing Certifi Trust Database For Humans
Introducing Certifi: Trust Database for Humans
The internet is an untrusted place. Every HTTP request you make should have verification on by default. This happens every time you access a website with your web browser, without any knowledge to the user — there’s no reason your code should be any different.
Certifi is here, for everyone, to make this possible.
“Unless you fully understand how system trust databases work (you probably don’t) and are capable to implement support for all relevant ones (you probably aren’t), I urge you: just use certifi.”
— Hynek Schlawack
“One of the first things people should ask when using a new toolset: How do I use Certifi with this?”
— Andrey Petrov
What is it?
Certifi is a carefully curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. It has been extracted from the Requests project.
This project takes several different forms:
- Prepared & Processed Raw CA Bundle, containing latest Root Certificates.
- Distribution packages for Python, Ruby, Node, and Go.
- An email notification service for root certificate changes.
- Spreading educational service, love, and awareness into the world.
Spread the Love
This is a base platform — you shouldn’t have to care about this type of thing when you’re interacting with the web. That’s why your web browser takes care of this for you.
Go, and build better software that abstracts this away from the user so that they don’t need to download this bundle and be concerned with it when they’re building amazing things!
Developers are humans too.
ॐ
Moving Forward & Getting Involved
It would be great to get lots of helpful content up on certifi.io for all things related to trust, the web, and the future of this thing we're working together on. Send some pull requests!
Hyper-Links™