I think agreeing that pyOpenSSL is maintained by the lot of us, poor decision makers, is the right move. +1.
As you've both astutely highlighted, none of us really like pyOpenSSL, nor do we make much time for it. Are there things we can do to lower the maintenance burden for ourselves? At this point the X.509 layer in cryptography is complete, can we deprecate the one in pyOpenSSL? That'd let us kill a good deal of code, and really get pyOpenSSL down to just an SSL layer, which is all we care about anyways. Alex On Wed, Jun 7, 2017 at 4:39 AM, Cory Benfield <c...@lukasa.co.uk> wrote: > Hynek, > > Thanks for writing this email. For what it’s worth, I disagree with the > premise, but let’s just grant it and discuss the future of PyOpenSSL. > > I think it’s safe to say that everyone with the commit bit has pretty > lukewarm feelings towards PyOpenSSL. At this point it primarily exists to > serve Twisted: in most situations Requests can get by with using the stdlib > thanks to 2.7.9 fixing many problems, and as time marches on the spectrum > of users that need PyOpenSSL for Requests is getting smaller and smaller. > > However, I agree that PyOpenSSL isn’t going anywhere, especially given > that python-dev is reluctant to backport MemoryBIO. There does not appear > to be any reason to assume that PyOpenSSL can be abandoned until after 2020 > at the very earliest, especially as it may turn out that I need it for PEP > 543 anyway. So I 100% agree that we need to find a way to transition > maintainership. > > My proposal is to just formalize the position we already mostly have and > say that PyOpenSSL has no single lead maintainer, but is co-maintained by > the PyCA team. We can then discuss whether there is value in bringing in > others to help spread the load around. This is already the de facto state > of PyOpenSSL: we’d just be formalizing that position so we can remove your > name from the “maintainer” slot and try to reduce the amount of email you > get. > > How does that sound? > > Cory > > _______________________________________________ > Cryptography-dev mailing list > Cryptography-dev@python.org > https://mail.python.org/mailman/listinfo/cryptography-dev > -- "I disapprove of what you say, but I will defend to the death your right to say it." -- Evelyn Beatrice Hall (summarizing Voltaire) "The people's good is the highest law." -- Cicero GPG Key fingerprint: D1B3 ADC0 E023 8CA6
_______________________________________________ Cryptography-dev mailing list Cryptography-dev@python.org https://mail.python.org/mailman/listinfo/cryptography-dev
