Make PyOpenSSL mandatory to prevent MITM
We should make PyOpenSSL mandatory, as with Python's SSL sockets, no certificate checking is possible at all. That opens doors and windows for man-in-the-middle attacks, rendering SSL completely useless.
We should just add PyOpenSSL as a mandatory dependency and kill support for Python's SSL sockets. IMO, this is a security issue, thus priority is highest.