[issue34542] [TLS] Update test certs to future proof settings

2020-07-02 Thread Larry Hastings 


Larry Hastings  added the comment:

I also needed a backport of this to 3.5.  See #41183.

Also, it looks like this issue should have been closed long ago, so I'll go 
ahead and do that.

--
resolution:  -> fixed
stage: patch review -> resolved
status: open -> closed
versions: +Python 3.5

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue34542] [TLS] Update test certs to future proof settings

2020-07-02 Thread Larry Hastings 


Larry Hastings  added the comment:


New changeset d565be84993a3d618add139cf21038e12c60a13e by Christian Heimes in 
branch '3.5':
bpo-41183: Update test certs and keys (#21258)
https://github.com/python/cpython/commit/d565be84993a3d618add139cf21038e12c60a13e


--
nosy: +larry

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue34542] [TLS] Update test certs to future proof settings

2020-07-01 Thread Christian Heimes 


Change by Christian Heimes :


--
pull_requests: +20406
pull_request: https://github.com/python/cpython/pull/21258

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue34542] [TLS] Update test certs to future proof settings

2018-09-20 Thread miss-islington 


miss-islington  added the comment:


New changeset 49d65958e13db03b9a4240d8bdaff1a4be69a1d7 by Miss Islington (bot) 
(Christian Heimes) in branch '2.7':
[2.7] bpo-34542: Update test certs and keys (GH-8997) (GH-9397)
https://github.com/python/cpython/commit/49d65958e13db03b9a4240d8bdaff1a4be69a1d7


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue34542] [TLS] Update test certs to future proof settings

2018-09-20 Thread miss-islington 


miss-islington  added the comment:


New changeset 11485102cb7b3c57a1bc6d04c4ff4b1e25c53530 by Miss Islington (bot) 
(Christian Heimes) in branch '3.6':
[3.6] bpo-34542: Update test certs and keys (GH-8997) (GH-9396)
https://github.com/python/cpython/commit/11485102cb7b3c57a1bc6d04c4ff4b1e25c53530


--
nosy: +miss-islington

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue34542] [TLS] Update test certs to future proof settings

2018-09-18 Thread Christian Heimes 


Change by Christian Heimes :


--
pull_requests: +8820

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue34542] [TLS] Update test certs to future proof settings

2018-09-18 Thread Christian Heimes 


Change by Christian Heimes :


--
pull_requests: +8819

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue34542] [TLS] Update test certs to future proof settings

2018-09-06 Thread Christian Heimes 


Christian Heimes  added the comment:


New changeset 2d3f2dc9f8376415a31a6de260ccbe6a86f2816d by Christian Heimes 
(Miss Islington (bot)) in branch '3.7':
bpo-34542: Update test certs and keys (GH-8997) (GH-9007)
https://github.com/python/cpython/commit/2d3f2dc9f8376415a31a6de260ccbe6a86f2816d


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue34542] [TLS] Update test certs to future proof settings

2018-08-29 Thread Christian Heimes 


Christian Heimes  added the comment:


New changeset e6dac0077996b1e1f886f036d6f2606237fa4c85 by Christian Heimes in 
branch 'master':
bpo-34542: Update test certs and keys (GH-8997)
https://github.com/python/cpython/commit/e6dac0077996b1e1f886f036d6f2606237fa4c85


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue34542] [TLS] Update test certs to future proof settings

2018-08-29 Thread miss-islington 


Change by miss-islington :


--
pull_requests: +8477

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue34542] [TLS] Update test certs to future proof settings

2018-08-29 Thread Christian Heimes 


Change by Christian Heimes :


--
keywords: +patch
pull_requests: +8468
stage: test needed -> patch review

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue34542] [TLS] Update test certs to future proof settings

2018-08-29 Thread Christian Heimes 


New submission from Christian Heimes :

In bug #34399, I updated all RSA keys to 2048. However that not sufficient for 
future proof settings. Fedora's FUTURE crypto policy requires 3072bit RSA keys. 
Further more, I forgot to update the signature algorithm, too.

* RSA >= 3072bits
* finite field DH >= 3072bits
* signature algorithm with SHA2-256 or SHA2-384 PKCSv1 #1.5 (I don't think 
RSASSA-PSS works with OpenSSL 1.0.2 or TLS < 1.0)

--
assignee: christian.heimes
components: SSL
messages: 324324
nosy: alex, christian.heimes, dstufft, janssen
priority: normal
severity: normal
stage: test needed
status: open
title: [TLS] Update test certs to future proof settings
type: behavior
versions: Python 2.7, Python 3.6, Python 3.7, Python 3.8

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com