diff --git a/library/ssl.po b/library/ssl.po index 5f5d13a377..3682350343 100644 --- a/library/ssl.po +++ b/library/ssl.po @@ -7,7 +7,7 @@ msgstr "" "Project-Id-Version: Python 3.12\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2023-12-21 18:18+0000\n" -"PO-Revision-Date: 2024-01-04 14:19+0800\n" +"PO-Revision-Date: 2024-01-09 10:47+0800\n" "Last-Translator: Adrian Liaw \n" "Language-Team: Chinese - TAIWAN (https://github.com/python/python-docs-zh-" "tw)\n" @@ -581,6 +581,8 @@ msgid "" "one of ``CA``, ``ROOT`` or ``MY``. Windows may provide additional cert " "stores, too." msgstr "" +"從 Windows 的系統憑證儲存庫中搜尋憑證。*store_name* 可以是 ``CA``、``ROOT`` " +"或 ``MY`` 的其中一個。Windows 也可能會提供額外的憑證儲存庫。" #: ../../library/ssl.rst:419 msgid "" @@ -590,6 +592,10 @@ msgid "" "data. Trust specifies the purpose of the certificate as a set of OIDS or " "exactly ``True`` if the certificate is trustworthy for all purposes." msgstr "" +"此函式會回傳一個元組 (cert_bytes, encoding_type, trust) 串列。encoding_type " +"指定了 cert_bytes 的編碼格式。它可以是用來表示 X.509 ASN.1 資料的 :const:" +"`x509_asn` 或是用來表示 PKCS#7 ASN.1 資料的 :const:`pkcs_7_asn`。Trust 通過一" +"組 OIDS 來指定憑證的用途,或是如果憑證對所有用途都可以使用則回傳 ``True``。" #: ../../library/ssl.rst:426 ../../library/ssl.rst:1542 #: ../../library/ssl.rst:1837 @@ -605,6 +611,8 @@ msgid "" "Retrieve CRLs from Windows' system cert store. *store_name* may be one of " "``CA``, ``ROOT`` or ``MY``. Windows may provide additional cert stores, too." msgstr "" +"從 Windows 的系統憑證儲存庫中搜尋 CRLs。*store_name* 可以是 ``CA``、``ROOT`` " +"或 ``MY`` 的其中一個。Windows 也可能會提供額外的憑證儲存庫。" #: ../../library/ssl.rst:442 msgid "" @@ -612,6 +620,9 @@ msgid "" "The encoding_type specifies the encoding of cert_bytes. It is either :const:" "`x509_asn` for X.509 ASN.1 data or :const:`pkcs_7_asn` for PKCS#7 ASN.1 data." msgstr "" +"此函式會回傳一個元組 (cert_bytes, encoding_type, trust) 串列。encoding_type " +"指定了 cert_bytes 的編碼格式。它可以是用來表示 X.509 ASN.1 資料的 :const:" +"`x509_asn` 或是用來表示 PKCS#7 ASN.1 資料的 :const:`pkcs_7_asn`。" #: ../../library/ssl.rst:453 msgid "Constants" @@ -622,6 +633,7 @@ msgid "" "All constants are now :class:`enum.IntEnum` or :class:`enum.IntFlag` " "collections." msgstr "" +"所有的常數現在都是 :class:`enum.IntEnum` 或 :class:`enum.IntFlag` 的集合。" #: ../../library/ssl.rst:461 msgid "" @@ -630,12 +642,17 @@ msgid "" "just about any cert is accepted. Validation errors, such as untrusted or " "expired cert, are ignored and do not abort the TLS/SSL handshake." msgstr "" +":attr:`SSLContext.verify_mode` 可能的值。除了 :attr:`SSLContext.verify_mode` " +"外,這是預設的模式。對於客戶端的 sockets,幾乎任何憑證都能被允許。驗證錯誤," +"像是不被信任或是過期的憑證,會被忽略並不會中止 TLS/SSL 握手。" #: ../../library/ssl.rst:467 msgid "" "In server mode, no certificate is requested from the client, so the client " "does not send any for client cert authentication." msgstr "" +"在伺服器模式下,不會從客戶端請求任何憑證,所以客戶端不用發送任何用於客戶端憑" +"證身分驗證的憑證。" #: ../../library/ssl.rst:470 ../../library/ssl.rst:2245 msgid "See the discussion of :ref:`ssl-security` below." @@ -647,6 +664,9 @@ msgid "" "`CERT_OPTIONAL` has the same meaning as :const:`CERT_REQUIRED`. It is " "recommended to use :const:`CERT_REQUIRED` for client-side sockets instead." msgstr "" +":attr:`SSLContext.verify_mode` 可能的值。在客戶端模式下,:const:" +"`CERT_OPTIONAL` 具有與 :const:`CERT_REQUIRED` 相同的含意。對於客戶端 sockets " +"推薦改用 :const:`CERT_REQUIRED`。" #: ../../library/ssl.rst:479 msgid "" @@ -656,12 +676,17 @@ msgid "" "certificate, it is verified. Any verification error immediately aborts the " "TLS handshake." msgstr "" +"在伺服器模式下,客戶憑證請求會被發送給客戶端。客戶端可以選擇忽略請求或是選擇" +"發送憑證來執行 TLS 客戶端憑證身分驗證。如果客戶端選擇發送憑證,則會對其進行驗" +"證。任何驗證錯誤都會立刻終止 TLS 握手。" #: ../../library/ssl.rst:485 ../../library/ssl.rst:504 msgid "" "Use of this setting requires a valid set of CA certificates to be passed to :" "meth:`SSLContext.load_verify_locations`." msgstr "" +"使用此設定需要將一組有效的 CA 憑證傳送給 :meth:`SSLContext." +"load_verify_locations`。" #: ../../library/ssl.rst:490 msgid "" @@ -674,6 +699,12 @@ msgid "" "cert. :const:`PROTOCOL_TLS_CLIENT` uses :const:`CERT_REQUIRED` and enables :" "attr:`~SSLContext.check_hostname` by default." msgstr "" +":attr:`SSLContext.verify_mode` 可能的值。在這個模式下,需要從 socket 連線的另" +"一端獲取憑證;如果未提供憑證或是驗證失敗,則將會導致 :class:`SSLError`。此模" +"式 **不能** 在客戶端模式下對憑證進行驗證,因為它無法去配對主機名稱。:attr:" +"`~SSLContext.check_hostname` 也必須被開起來來驗證憑證的真實性。:const:" +"`PROTOCOL_TLS_CLIENT` 會使用 :const:`CERT_REQUIRED` 並預設開啟 :attr:" +"`~SSLContext.check_hostname`。" #: ../../library/ssl.rst:500 msgid "" @@ -681,10 +712,12 @@ msgid "" "authentication. A client certificate request is sent to the client and the " "client must provide a valid and trusted certificate." msgstr "" +"對於 socket 伺服器,此模式會提供強制的 TLS 客戶端憑證驗證。客戶端憑證請求會被" +"發送給客戶端並且客戶端必須提供有效且被信任的憑證。" #: ../../library/ssl.rst:509 msgid ":class:`enum.IntEnum` collection of CERT_* constants." -msgstr "" +msgstr ":class:`enum.IntEnum` 為 CERT_* 常數的一個集合。" #: ../../library/ssl.rst:515 msgid "" @@ -692,6 +725,8 @@ msgid "" "certificate revocation lists (CRLs) are not checked. By default OpenSSL does " "neither require nor verify CRLs." msgstr "" +":attr:`SSLContext.verify_flags` 可能的值。在此模式下,不會檢查憑證吊銷列表 " +"(CRLs)。預設的 OpenSSL 並不會請求及驗證 CRLs。" #: ../../library/ssl.rst:523 msgid "" @@ -701,24 +736,32 @@ msgid "" "ancestor CA). If no proper CRL has been loaded with :attr:`SSLContext." "load_verify_locations`, validation will fail." msgstr "" +":attr:`SSLContext.verify_flags` 可能的值。在此模式下,只會檢查同等的憑證而不" +"會去檢查中間的 CA 憑證。此模式需要提供由對等憑證發行者 (它的直接上級 CA) 的有" +"效的 CRL 簽名。如果沒有用 :attr:`SSLContext.load_verify_locations` 載入適當" +"的 CRL,則會驗證失敗。" #: ../../library/ssl.rst:533 msgid "" "Possible value for :attr:`SSLContext.verify_flags`. In this mode, CRLs of " "all certificates in the peer cert chain are checked." msgstr "" +":attr:`SSLContext.verify_flags` 可能的值。在此模式下,會檢查對等憑證鍊中所有" +"憑證的 CRLs。" #: ../../library/ssl.rst:540 msgid "" "Possible value for :attr:`SSLContext.verify_flags` to disable workarounds " "for broken X.509 certificates." msgstr "" +":attr:`SSLContext.verify_flags` 可能的值,用來禁用已損壞的 X.509 憑證的解決方" +"法。" #: ../../library/ssl.rst:547 msgid "" "Possible value for :attr:`SSLContext.verify_flags` to enables proxy " "certificate verification." -msgstr "" +msgstr ":attr:`SSLContext.verify_flags` 可能的值,用來啟用憑證代理驗證。" #: ../../library/ssl.rst:554 msgid "" @@ -726,6 +769,8 @@ msgid "" "prefer trusted certificates when building the trust chain to validate a " "certificate. This flag is enabled by default." msgstr "" +":attr:`SSLContext.verify_flags` 可能的值。它指示 OpenSSL 在構建信任鍊來驗證憑" +"證時會優先使用被信任的憑證。此旗標預設開啟。" #: ../../library/ssl.rst:562 msgid ""