Christian Heimes <li...@cheimes.de> added the comment:
> It would be advisable for Python3 to start enforcing security level 2, and > prohibit DTLS v1.1 and lower by default too. By configuring openssl library > on the host with setting security level, and/or setting min versions (if > openssl on the host supports such api). Because allowing to use TLS v1.1 and > lower out of the box is irresponsible. We are going to change the default settings in our own OpenSSL builds together with https://www.python.org/dev/peps/pep-0644/ . For Linux distros we will rely on distro-wide crypto policies. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue43382> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com