Man-in-the-Middle (MitM)

python-openid is vulnerable to man-in-the-middle MitM attacks. The vulnerability exists due to the usage of urllib2 which does not perform the verification of SSL Certificates. This defeats the purpose of SSL Certificates, allowing tampered connections to succeed and to happen unnoticed...