OK, I'll hold off a bit on approving the PEP, but my intention is to approve it. Go Alex go!
On Sat, Sep 20, 2014 at 4:03 PM, Nick Coghlan <ncogh...@gmail.com> wrote: > On 21 September 2014 08:22, Guido van Rossum <gu...@python.org> wrote: > > Sounds good. Maybe we should put the specifically targeted releases in > PEP > > 476? > > > > Nick, do Christian's issues need to be mentioned in the PEP or should we > > just keep those in the corresponding tracker items? > > They should be mentioned in the PEP, as they will impact the way the > proposed change interacts with the platform trust database - I didn't > realise the differences on Windows and Mac OS X myself until Christian > mentioned them. > > To be completely independent of the system trust database in a > reliable, cross-platform way, folks will need to use a custom SSL > context that doesn't enable the system trust store, rather than > relying on the OpenSSL config options - the latter will reliably *add* > certificates, but they won't reliably ignore the default ones provided > by the system. > > We may also need some clarification from Ned regarding the status of > OpenSSL and the potential impact switching from dynamic linking to > static linking of OpenSSL may have in terms of the > "OPENSSL_X509_TEA_DISABLE" setting. > > Regards, > Nick. > > -- > Nick Coghlan | ncogh...@gmail.com | Brisbane, Australia > -- --Guido van Rossum (python.org/~guido)
_______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
