Merge pull request #100 from untitaker/distutils-is-secure-now

sigmavirus24 · sigmavirus24 · commit 28a69e02eabd · 2015-04-06T20:27:09.000-05:00
Rephrase section on distutil's security
diff --git a/README.rst b/README.rst
@@ -10,10 +10,11 @@ Why Should I Use This?
 ----------------------
 
 The biggest reason to use twine is that it securely authenticates you to PyPI
-over HTTPS using a verified connection while ``python setup.py upload`` `uses
-HTTP and exposes your credentials <http://bugs.python.org/issue12226>`_.  This
-means anytime you use it you expose your username and password to being
-sniffed. Twine uses only verified TLS to upload to PyPI protecting your
+over HTTPS using a verified connection while ``python setup.py upload`` `only
+recently stopped using HTTP <http://bugs.python.org/issue12226>`_ in Python
+2.7.9+ and Python 3.2+. This means anytime you use ``python setup.py upload``
+with an older Python version, you expose your username and password to being
+easily sniffed. Twine uses only verified TLS to upload to PyPI protecting your
 credentials from theft.
 
 Secondly it allows you to precreate your distribution files.
