Chris, OK, seems reasonable. Thanks. In the near term, can you do this with M2Crypto or PyOpenSSL?
When I started this update in 2007, we were trying to keep the API simple to avoid confusing people and avoid competition with the two full-fledged toolkits out there. But I don't see any real reason not to extend the API a bit. Bill Chris Frantz <frant...@gmail.com> wrote: > Bill, > > I agree that it's usually better to let the SSL implementation pick > the ciphers. > > I have a certain device that I'd like to talk to that is running on an > underpowered embedded CPU. When I let OpenSSL pick the ciphers, it > chooses something like EDH-RSA-AES-SHA and takes about 3.5 seconds to > finish the handshake. If I can restrict the cipher list to > RSA-RC4-SHA I can reduce the handshake time to less than a second and > improve the throughput of any bulk data transfer over the connection. > > --Chris > > > > On Thu, Sep 10, 2009 at 12:09 PM, Bill Janssen<jans...@parc.com> wrote: > > Thanks, Chris. Can you explain why you want to set the cipher list > > explicitly? IMO, it's usually better to select a security scheme (TLS1, > > or SSLv3, etc.), and let the implementation pick the cipher list. > > > > Bill > > > > Chris Frantz <frant...@gmail.com> wrote: > > > >> Done. > >> > >> Attached to Issue 3597, which is a similar request to mine. > >> > >> Best Regards, > >> --Chris > >> _______________________________________________ > >> Python-Dev mailing list > >> Python-Dev@python.org > >> http://mail.python.org/mailman/listinfo/python-dev > >> Unsubscribe: > >> http://mail.python.org/mailman/options/python-dev/janssen%40parc.com > > _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
