Re: [Distutils] Announcement: TLSv1.2 will become mandatory in the future

2017-01-11 Thread Steve Dower
"I don’t think it’s a particularly big deal to tie the tls module to the Python lifecycle though" I'd hope that the API of this module is stable enough and the native part of the implementation is OS-specific enough that we may not even need to update it that often. (I'm advocating very

Re: [Distutils] Announcement: TLSv1.2 will become mandatory in the future

2017-01-11 Thread Nick Coghlan
On 12 January 2017 at 14:12, Glyph Lefkowitz wrote: > It's possible for Pip to notice that it wants to replace a particular file; > you can "unlock" it by moving it aside. > > https://serverfault.com/a/503769 Very interesting, especially as the way CPython loads

Re: [Distutils] Announcement: TLSv1.2 will become mandatory in the future

2017-01-11 Thread Nick Coghlan
On 12 January 2017 at 13:47, Donald Stufft wrote: > I don’t think it’s a particularly big deal to tie the tls module to the > Python lifecycle though, we’ve got a precedent for PEPs that backport > important security critical stuff and most things are presumably going to be >

Re: [Distutils] Announcement: TLSv1.2 will become mandatory in the future

2017-01-11 Thread Glyph Lefkowitz
> On Jan 11, 2017, at 7:40 PM, Nick Coghlan wrote: > > On 12 January 2017 at 13:00, Donald Stufft wrote: >> This doesn’t work well because it’s not something that pip is going to be >> able to upgrade on Windows, because the .so will be locked when pip

Re: [Distutils] Announcement: TLSv1.2 will become mandatory in the future

2017-01-11 Thread Donald Stufft
> On Jan 11, 2017, at 10:40 PM, Nick Coghlan wrote: > > On 12 January 2017 at 13:00, Donald Stufft wrote: >> This doesn’t work well because it’s not something that pip is going to be >> able to upgrade on Windows, because the .so will be locked when pip

Re: [Distutils] Announcement: TLSv1.2 will become mandatory in the future

2017-01-11 Thread Nick Coghlan
On 12 January 2017 at 13:00, Donald Stufft wrote: > This doesn’t work well because it’s not something that pip is going to be > able to upgrade on Windows, because the .so will be locked when pip imports > it on Windows and we won’t be able to uninstall it to do an upgrade. We

Re: [Distutils] Announcement: TLSv1.2 will become mandatory in the future

2017-01-11 Thread Donald Stufft
> On Jan 11, 2017, at 9:58 PM, Nick Coghlan wrote: > > On 12 January 2017 at 04:26, Brett Cannon wrote: >> >> On Tue, 10 Jan 2017 at 12:51 Donald Stufft wrote: >>> >>> [SNIP] >>> >>> >>> It would be really nice if we could deprecate

Re: [Distutils] Announcement: TLSv1.2 will become mandatory in the future

2017-01-11 Thread Nick Coghlan
On 12 January 2017 at 04:26, Brett Cannon wrote: > > On Tue, 10 Jan 2017 at 12:51 Donald Stufft wrote: >> >> [SNIP] >> >> >> It would be really nice if we could deprecate `ssl` (which has a bunch of >> OpenSSL specific stuff in it) and add a new `tls` module

Re: [Distutils] Announcement: TLSv1.2 will become mandatory in the future

2017-01-11 Thread Ethan Furman
On 01/11/2017 10:26 AM, Brett Cannon wrote: I know both Cory Benfield and Christian Heimes brought this up briefly at the PyCon US 2016 language summit at the end of their SSL discussion, but I don't think it went anywhere because there was some other discussion that dominated the end of

Re: [Distutils] Announcement: TLSv1.2 will become mandatory in the future

2017-01-11 Thread Brett Cannon
On Tue, 10 Jan 2017 at 12:51 Donald Stufft wrote: > [SNIP] > > > It would be really nice if we could deprecate `ssl` (which has a bunch of > OpenSSL specific stuff in it) and add a new `tls` module that served as an > implementation agnostic library that would use OpenSSL on

Re: [Distutils] Announcement: TLSv1.2 will become mandatory in the future

2017-01-11 Thread Eric V. Smith
On 1/11/2017 8:09 AM, Ronald Oussoren wrote: On 10 Jan 2017, at 21:47, Ned Deily wrote: Annoyingly with OpenSSL on OSX you have two options: either use an up-to-date release or have OpenSSL use the system CA trust store, but not both. Sigh… It would be nice if someone