On Sat, Mar 22, 2014, at 16:34, Antoine Pitrou wrote: > On Sun, 23 Mar 2014 09:08:29 +1000 > Nick Coghlan <ncogh...@gmail.com> wrote: > > On 23 March 2014 08:53, Ben Darnell <b...@bendarnell.com> wrote: > > > I agree wholeheartedly with the sentiment behind this PEP, but I have > > > concerns about the implementation. If we introduce new APIs into the ssl > > > module then we will see packages and applications that depend on Python > > > 2.7.7+, just like with the introduction of bool in 2.2.1. This will be a > > > mess unless adoption of new Python minor versions is swift and consistent. > > > The PEP says that new features should be testable with feature detection, > > > but how far does that go? The Python 3 NPN interface is a method of > > > SSLContext, which didn't exist in 2.7. Do we backport the entire > > > SSLContext > > > interface in a minor release, or introduce a new NPN interface that is not > > > based on SSLContext just for older Pythons? > > > > The whole thing. > > Have you first tried to do it and appreciate the amount of disruption > it would cause? > > > It's not just ssl2: you needs os2, random2, ftplib2, poplib2, > > imaplib2, smtplib2. You also run headlong into the problem of a > > complex external dependency on OpenSSL (which the Linux distro > > repackagers currently handle for us). > > So are you proposing to backport changes to all these modules too? This > sounds crazy.
If one reads the PEP, one will notice it indeed proposes a "conditional" exception for "networking related modules that depend on one or more of the network security related modules [ssl, hashlib,...]". _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
