On 11 September 2016 at 00:22, Christian Heimes <christ...@python.org> wrote: > First I like to deprecated some old APIs and favor of SSLCotext. We have > multiple ways to create a SSL socket or to configure libraries like > urllib. The general idea is to make SSLContext the central object for > TLS/SSL configuration. My patch deprecates ssl.wrap_socket()
I'll bring over my question from the tracker issue to here: there's a subset of ssl.wrap_socket() arguments which actually make sense as arguments to ssl.get_default_context().wrap_socket(). Accordingly, we can pick a subset of code (e.g. SSL/TLS clients) that we bless with not needing to change, leaving only code using deprecated parameters or creating server sockets that needs to be updated. As with past network security changes, a major factor we need to account for is that no matter how valuable a particular goal is from a broader industry perspective, people don't tend to react to API breaks by fixing their code - they react by not upgrading at all. Regards, Nick. -- Nick Coghlan | ncogh...@gmail.com | Brisbane, Australia _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com