I still have versions of 2.6 installed that I can help you test with if you would like. I also have an older version of OpenSSL on one of them (0.9.8 I think) which I know causes issues for some people. On Feb 19, 2013 8:23 AM, "Giovanni Bajo" <ra...@develer.com> wrote:
> Il giorno 19/feb/2013, alle ore 06:13, Richard Jones < > r1chardj0...@gmail.com> ha scritto: > > > Hi all, > > > > I've just altered the nginx configuration to promote (ie. redirect to) > > HTTPS for all GET/HEAD requests. This includes HSTS, but I've set the > > lifetime to 1 day just in case there's some HTTPS compatibility > > issues. Once it's bedded down I'll bump it to a year. > > What is the benefits of redirects? I think they just hide potential > problems, and they still can be exploited by MITM through ssl-stripping. > Plus, they cause breakage and/or UX problems in existing tools. > > Given that they give basically no security, I would suggest their removal > until we fix all important issues in all third-party tools. For browsers, > since you can still serve HSTS headers even without redirects, we can get > it included in Chrome and Firefox builtin HSTS list. > > > 2. incorporate some monkey-patching into distribute and setuptools and > > promote those, > > I think this is our best bet for an immediate and global solution for > outdated versions of Python as well. I will work to prepare a distutils > patch that is compatible with 2.6 (which includes SSL), and then adapt it > for 2.7 and 3.x. > > Do we have numbers of how many 2.5-compatible packages have been updated > in the last 6 months? > > > 4. fix distutils (and accept a long lead time to actual impact), or > > This can be done for mainline. > -- > Giovanni Bajo :: ra...@develer.com > Develer S.r.l. :: http://www.develer.com > > My Blog: http://giovanni.bajo.it > > > _______________________________________________ > Catalog-SIG mailing list > Catalog-SIG@python.org > http://mail.python.org/mailman/listinfo/catalog-sig > >
_______________________________________________ Catalog-SIG mailing list Catalog-SIG@python.org http://mail.python.org/mailman/listinfo/catalog-sig
