On 03/03/2021 18.59, Senthil Kumaran wrote: > On Wed, Mar 3, 2021 at 8:08 AM Christian Heimes <christ...@python.org> wrote: > >> PEP 644 (not approved yet) and a soon-to-be-published PEP will hopefully >> get rid of the problem once and for all. PEP 644 removes support for >> OpenSSL < 1.1 and the new PEP will remove support for TLS 1.0 and 1.1 >> from stdlib. >> >> https://www.python.org/dev/peps/pep-0644/ > > Thank you for all the efforts here, Christian. The PEP provides a good > summary on the state. > +1 vote to it and hope we will have a much simpler system to reason with soon. > > It was hard for me (guess anyone) to track Libre/Open/Boring, TLS > versions etc, and leave alone keeping it compatible like you have been > doing. > The premise of PEP-0644 is extremely reasonable.
Thanks! :) It's actually easy: - BoringSSL is irrelevant unless you have a product that bundles/vendors the library as an internal dependency, e.g. Chrome. - LibreSSL is used by OpenBSD and DragonFly. - Everyone (*) else uses OpenSSL or moved back to OpenSSL (*) except for Windows, macOS, Android, Java, Firefox/Thunderbird, GnuPG, embedded systems, curl, and others. curl has something like 15 different TLS backends. _______________________________________________ python-committers mailing list -- python-committers@python.org To unsubscribe send an email to python-committers-le...@python.org https://mail.python.org/mailman3/lists/python-committers.python.org/ Message archived at https://mail.python.org/archives/list/python-committers@python.org/message/ZBQ6NJYJVF336CQ7Y7GIYYDWRNGVNLTL/ Code of Conduct: https://www.python.org/psf/codeofconduct/
