Re: [Python-Dev] Let's make the SSL module sane

2016-09-12 Thread Antoine Pitrou
On Sat, 10 Sep 2016 20:23:13 +0200 Christian Heimes wrote:
>
> It's a bit too clever and tricky for my taste. I prefer 'explicit is
> better than implicit' for trust anchors. My main concern is secure
> default settings. A SSLContext should be secure w/o further settings

Re: [Python-Dev] Let's make the SSL module sane

2016-09-12 Thread Antoine Pitrou
On Sat, 10 Sep 2016 16:22:57 +0200 Christian Heimes wrote:
>
> For 3.6 I'd like to make the SSL more sane and more secure by default.
> Yes, I'm a bit late but all my proposals are implemented, documented,
> partly tested and existing tests are passing. I don't have time

Re: [Python-Dev] Let's make the SSL module sane

2016-09-10 Thread Nick Coghlan
On 11 September 2016 at 05:20, Christian Heimes wrote:
> On 2016-09-10 17:24, Nick Coghlan wrote:
>> On 11 September 2016 at 00:22, Christian Heimes wrote:
>>> First I'd like to deprecate some old APIs in favor of SSLContext. We have
>>> multiple ways

Re: [Python-Dev] Let's make the SSL module sane

2016-09-10 Thread Christian Heimes
On 2016-09-10 17:24, Nick Coghlan wrote:
> On 11 September 2016 at 00:22, Christian Heimes wrote:
>> First I'd like to deprecate some old APIs in favor of SSLContext. We have
>> multiple ways to create a SSL socket or to configure libraries like
>> urllib. The general idea is

Re: [Python-Dev] Let's make the SSL module sane

2016-09-10 Thread Christian Heimes
On 2016-09-10 18:24, Donald Stufft wrote:
>
>> On Sep 10, 2016, at 10:22 AM, Christian Heimes wrote:
>>
>> I don't load any certs because it is not possible to remove a cert or
>> X509 lookup once it is loaded. create_default_context() just has to
>> load the certs and set

Re: [Python-Dev] Let's make the SSL module sane

2016-09-10 Thread Donald Stufft
> On Sep 10, 2016, at 10:22 AM, Christian Heimes wrote:
>
> I don't load any certs because it is not possible to remove a cert or
> X509 lookup once it is loaded. create_default_context() just has to
> load the certs and set more secure cipher suites. This part is the

Re: [Python-Dev] Let's make the SSL module sane

2016-09-10 Thread Nick Coghlan
On 11 September 2016 at 00:22, Christian Heimes wrote:
> First I'd like to deprecate some old APIs in favor of SSLContext. We have
> multiple ways to create a SSL socket or to configure libraries like
> urllib. The general idea is to make SSLContext the central object for