Antoine Pitrou <pit...@free.fr> added the comment: > with your latest proposal 'HIGH:!aNULL:!eNULL:!SSLv2' : > - MD5 was disabled > - IDEA was disabled > - SEED was disabled
That was the consequence of it, but that wasn't an explicit goal. > Generally speaking, as a concept to define a default we could: > - Start from a FIPS-140 compliant SSL stack > - Open some additional ciphers for compatibility reason (for example > RC4-SHA) > > What do you think about such approach? As I already said, the more sophisticated the approach, the more tedious the maintenance. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue13636> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com