[issue37440] httplib should enable post-handshake authentication for TLS 1.3

2020-10-16 Thread Benjamin Peterson 


Change by Benjamin Peterson :


--
resolution:  -> fixed
stage: patch review -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue37440] httplib should enable post-handshake authentication for TLS 1.3

2020-10-16 Thread Irit Katriel 


Irit Katriel  added the comment:

Can this be closed? 2.7 is no longer relevant.

--
nosy: +iritkatriel

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue37440] httplib should enable post-handshake authentication for TLS 1.3

2019-08-28 Thread Benjamin Peterson 


Benjamin Peterson  added the comment:

Yes, makes sense for 2.7, too. Thanks.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue37440] httplib should enable post-handshake authentication for TLS 1.3

2019-08-27 Thread Christian Heimes 


Christian Heimes  added the comment:

3.7 to 3.9 are fixed.

Benjamin, do you want the fix in 2.7?

--
priority: release blocker -> high

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue37440] httplib should enable post-handshake authentication for TLS 1.3

2019-08-23 Thread Łukasz Langa 

Łukasz Langa  added the comment:

Should this be closed?

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue37440] httplib should enable post-handshake authentication for TLS 1.3

2019-07-02 Thread Ned Deily 


Ned Deily  added the comment:


New changeset f97eb883d8a29ee9718147b3631ebd2741273d9b by Ned Deily (Miss 
Islington (bot)) in branch '3.7':
[3.7] bpo-37440: Enable TLS 1.3 post-handshake auth in http.client (GH-14448) 
(GH-14496)
https://github.com/python/cpython/commit/f97eb883d8a29ee9718147b3631ebd2741273d9b


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue37440] httplib should enable post-handshake authentication for TLS 1.3

2019-07-01 Thread miss-islington 


miss-islington  added the comment:


New changeset 6be91102f75aa4b4b8c1e55960aa22008ff9e319 by Miss Islington (bot) 
in branch '3.7':
[3.7] bpo-37440: Enable TLS 1.3 post-handshake auth in http.client (GH-14448) 
(GH-14496)
https://github.com/python/cpython/commit/6be91102f75aa4b4b8c1e55960aa22008ff9e319


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue37440] httplib should enable post-handshake authentication for TLS 1.3

2019-07-01 Thread miss-islington 


miss-islington  added the comment:


New changeset ee72dda9616258b57c19eb5af00f3e80a3fb8e22 by Miss Islington (bot) 
in branch '3.8':
[3.8] bpo-37440: Enable TLS 1.3 post-handshake auth in http.client (GH-14448) 
(GH-14495)
https://github.com/python/cpython/commit/ee72dda9616258b57c19eb5af00f3e80a3fb8e22


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue37440] httplib should enable post-handshake authentication for TLS 1.3

2019-06-30 Thread miss-islington 


miss-islington  added the comment:


New changeset d1bd6e79da1ee56dc1b902d804216ffd267399db by Miss Islington (bot) 
(Christian Heimes) in branch 'master':
bpo-37440: Enable TLS 1.3 post-handshake auth in http.client (GH-14448)
https://github.com/python/cpython/commit/d1bd6e79da1ee56dc1b902d804216ffd267399db


--
nosy: +miss-islington

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue37440] httplib should enable post-handshake authentication for TLS 1.3

2019-06-30 Thread miss-islington 


Change by miss-islington :


--
pull_requests: +14313
pull_request: https://github.com/python/cpython/pull/14496

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue37440] httplib should enable post-handshake authentication for TLS 1.3

2019-06-30 Thread miss-islington 


Change by miss-islington :


--
pull_requests: +14311
pull_request: https://github.com/python/cpython/pull/14495

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue37440] httplib should enable post-handshake authentication for TLS 1.3

2019-06-30 Thread Florian Bruhin 


Change by Florian Bruhin :


--
nosy: +The Compiler

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue37440] httplib should enable post-handshake authentication for TLS 1.3

2019-06-29 Thread Ned Deily 


Ned Deily  added the comment:

Blocking 3.7.4 final pending resolution

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue37440] httplib should enable post-handshake authentication for TLS 1.3

2019-06-29 Thread Ned Deily 


Change by Ned Deily :


--
nosy: +benjamin.peterson, lukasz.langa
priority: deferred blocker -> release blocker

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue37440] httplib should enable post-handshake authentication for TLS 1.3

2019-06-28 Thread Christian Heimes 


Change by Christian Heimes :


--
keywords: +patch
pull_requests: +14264
stage:  -> patch review
pull_request: https://github.com/python/cpython/pull/14448

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue37440] httplib should enable post-handshake authentication for TLS 1.3

2019-06-28 Thread Christian Heimes 


Change by Christian Heimes :


--
dependencies: +SSLContext.post_handshake_auth implicitly enables cert validation

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue37440] httplib should enable post-handshake authentication for TLS 1.3

2019-06-28 Thread Christian Heimes 


New submission from Christian Heimes :

httplib.client does not enable post-handshake authentication for TLS 1.3 
connections. PHA is necessary for TLS 1.3 connections to servers that have 
conditional client cert authentication. For example Apache mod_ssl uses PHA 
when only certain paths or request methods require a client cert to 
authenticate a client.

Since TLS 1.3 is enabled by default with OpenSSL 1.1.1 and TLS 1.3 is preferred 
over TLS 1.2, the lack of PHA extension breaks backwards compatibility.

--
assignee: christian.heimes
components: Library (Lib), SSL
messages: 346820
nosy: alex, christian.heimes, dstufft, janssen, ned.deily
priority: deferred blocker
severity: normal
status: open
title: httplib should enable post-handshake authentication for TLS 1.3
type: behavior
versions: Python 2.7, Python 3.7, Python 3.8, Python 3.9

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com