On 26/02/2019 21.31, Wes Turner wrote: >> IMHO it's > fine to ship the last 2.7 build with an OpenSSL version that was EOLed > just 24h earlier. > > Is this a time / cost issue or a branch policy issue? > > If someone was to back port the forthcoming 1.1.1 to 2.7 significantly > before the EOL date, could that be merged?
My mail is about official binary Python packages for Windows and macOS. We stick to an OpenSSL version to guarantee maximum backwards compatibility within a minor release. OpenSSL 1.1.1 has TLS 1.3 support and prefers TLS 1.3 over TLS 1.2. There is a small change that TLS 1.3 breaks some assumptions. Python 2.7 works mostly fine with OpenSSL 1.1.1. There are some minor test issues related to TLS 1.3 but nothing serious. Linux distros have been shipping Python 2.7 with OpenSSL 1.1.1 for a while. > There are all sorts of e.g. legacy academic works that'll never be > upgraded etc etc That topic is out of scope and has been discussed countless times. _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
