Use this package if you use pyOpenSSL and don't want to be MITMed.
service-identity aspires to give you all the tools you need for
verifying whether a certificate is valid for the intended purposes.
In the simplest case, this means host name verification. However,
service-identity implements RFC 6125 fully and plans to add other
relevant RFCs too.