Comment 3 for bug 1047432

Security review:
* One CVE: CVE-2012-2374. Issue was fixed prompted and with a one line patch
* Python library
* Lintian clean, no initscripts/upstart jobs, no dbus services, not setuid/fscaps/sudo/pkexec, no cron jobs. Has a testsuite, but not enabled.
* Uses the system ca-certificates file. Defaults to certificate verification.
* Minor nit: demos have predictable filenames in /tmp

Conditional ACK provided the testsuite is enabled.