I think it's time for this thread to stop as everyone seems to be talking
in circles. Christian said he's going to write a PEP so let's wait for that
before discussing this any further so we have a concrete proposal to focus
around.
On Wed, 31 Aug 2016 at 05:04 Nick Coghlan
On 31.08.2016 14:02, Nick Coghlan wrote:
> On 31 August 2016 at 20:20, M.-A. Lemburg wrote:
>> ... which would then mean: Python's compatibility roadmap will
>> be dictated by OpenSSL.
>>
>> I won't buy into that, sorry. Crypto is a helper in certain
>> situations, it's not what
On 31 August 2016 at 20:20, M.-A. Lemburg wrote:
> ... which would then mean: Python's compatibility roadmap will
> be dictated by OpenSSL.
>
> I won't buy into that, sorry. Crypto is a helper in certain
> situations, it's not what Python is all about. We should not
> let OpenSSL
On 31 August 2016 at 19:33, M.-A. Lemburg wrote:
> On 31.08.2016 10:43, Antoine Pitrou wrote:
>> On Wed, 31 Aug 2016 10:31:12 +0200
>> "M.-A. Lemburg" wrote:
>>>
>>> I am thinking of Python users out there who are running on LTS
>>> OS releases simply because
On 31.08.2016 12:05, Christian Heimes wrote:
> This was my last reply to your mails on this topic. It's clear to me
> that you are not open to Cory's, Nick's or my arguments and that you
> won't change your position. More replies are just a waste of my limited
> time.
I *am* open to arguments,
On 2016-08-30 18:00, Antoine Pitrou wrote:
> On Sun, 28 Aug 2016 22:40:11 +0200
> Christian Heimes wrote:
>>
>> Here is the deal for 2.7 to 3.5:
>>
>> 1) All versions older than 0.9.8 are completely out-of-scope and no
>> longer supported.
>>
>> 2) 0.9.8 is semi-support.
On 2016-08-31 11:33, M.-A. Lemburg wrote:
> On 31.08.2016 10:50, Christian Heimes wrote:
>> On 2016-08-31 10:31, M.-A. Lemburg wrote:
>>> In all this discussion I have yet to find a compelling security
>>> relevant argument for using an 1.0.2 API which is so important
>>> that we cannot make this
On 31/08/2016 at 11:33, M.-A. Lemburg wrote:
> On 31.08.2016 10:43, Antoine Pitrou wrote:
>> On Wed, 31 Aug 2016 10:31:12 +0200
>> "M.-A. Lemburg" wrote:
>>>
>>> I am thinking of Python users out there who are running on LTS
>>> OS releases simply because their IT doesn't let
On 31.08.2016 10:43, Antoine Pitrou wrote:
> On Wed, 31 Aug 2016 10:31:12 +0200
> "M.-A. Lemburg" wrote:
>>
>> I am thinking of Python users out there who are running on LTS
>> OS releases simply because their IT doesn't let them run anything
>> else.
>
> There is a solution
On 31.08.2016 10:50, Christian Heimes wrote:
> On 2016-08-31 10:31, M.-A. Lemburg wrote:
>> In all this discussion I have yet to find a compelling security
>> relevant argument for using an 1.0.2 API which is so important
>> that we cannot make this optional at runtime.
>>
>> The only argument
On 2016-08-31 10:31, M.-A. Lemburg wrote:
> In all this discussion I have yet to find a compelling security
> relevant argument for using an 1.0.2 API which is so important
> that we cannot make this optional at runtime.
>
> The only argument Christian reported was this one:
>
> """
>> BTW: Are
On Wed, 31 Aug 2016 10:31:12 +0200
"M.-A. Lemburg" wrote:
>
> I am thinking of Python users out there who are running on LTS
> OS releases simply because their IT doesn't let them run anything
> else.
There is a solution nowadays, which is to use Anaconda (or Miniconda).
On 2016-08-30 22:07, M.-A. Lemburg wrote:
> That was not my point. It's unfortunate that Python depends on
> a library which is inevitably going to need updates frequently,
> and which then may have the implication that Python won't compile on
> systems which don't ship with more recent OpenSSL
On 31.08.2016 01:55, Gregory P. Smith wrote:
> On Tue, Aug 30, 2016 at 1:08 PM M.-A. Lemburg wrote:
>>> On 29.08.2016 22:16, Christian Heimes wrote:
>>> In my
>>> opinion it is more than reasonable to ditch 1.0.1 and earlier.
>>
>> I want you to consider the consequences of doing
On 31 August 2016 at 00:55, Gregory P. Smith wrote:
> I find that users of such systems either use only what their distro itself
> supplies (ie: ancient versions at that point) or are fully comfortable
> building any dependencies their own software needs. If they are comfortable
On 31 August 2016 at 09:55, Gregory P. Smith wrote:
> On Tue, Aug 30, 2016 at 1:08 PM M.-A. Lemburg wrote:
>> Yet, a move to require OpenSSL 1.0.2 for Python 3.7 will make
>> it impossible to run such apps on systems that still use OpenSSL
>> 1.0.1, e.g. Ubuntu
On Tue, Aug 30, 2016 at 1:08 PM M.-A. Lemburg wrote:
> On 29.08.2016 22:16, Christian Heimes wrote:
> > On 2016-08-29 21:31, M.-A. Lemburg wrote:
> >> On 29.08.2016 18:33, Cory Benfield wrote:
> >>>
> On 29 Aug 2016, at 04:09, M.-A. Lemburg wrote:
>
>
> On 30 Aug 2016, at 16:07, M.-A. Lemburg wrote:
>
> That was not my point. It's unfortunate that Python depends on
> a library which is inevitably going to need updates frequently,
> and which then may have the implication that Python won't compile on
> systems which don't
On 29.08.2016 22:16, Christian Heimes wrote:
> On 2016-08-29 21:31, M.-A. Lemburg wrote:
>> On 29.08.2016 18:33, Cory Benfield wrote:
>>>
On 29 Aug 2016, at 04:09, M.-A. Lemburg wrote:
On 28.08.2016 22:40, Christian Heimes wrote:
> ...
> I like to reduce
On Sun, 28 Aug 2016 22:40:11 +0200
Christian Heimes wrote:
>
> Here is the deal for 2.7 to 3.5:
>
> 1) All versions older than 0.9.8 are completely out-of-scope and no
> longer supported.
>
> 2) 0.9.8 is semi-support. Python will still compile and work with 0.9.8.
>
On 8/29/2016 10:59 PM, Nick Coghlan wrote:
By contrast (and assuming I understand the situation correctly), the
Windows build is already set up around the assumption that you'll need
to build OpenSSL yourself.
If one installs a minimal svn client and passes -e to Zack's wonderful
built.bat,
On 30 August 2016 at 15:13, Benjamin Peterson wrote:
> On Sun, Aug 28, 2016, at 22:42, Christian Heimes wrote:
>> In my proto-PEP I'm talking about different levels of support: full,
>> build-only and unsupported. Full support means that the combination of
>> Python and
On Sun, Aug 28, 2016, at 22:42, Christian Heimes wrote:
> On 2016-08-29 04:38, Ned Deily wrote:
> > On Aug 28, 2016, at 19:06, Benjamin Peterson wrote:
> >> On Sun, Aug 28, 2016, at 13:40, Christian Heimes wrote:
> >>> Here is the deal for 2.7 to 3.5:
> >>>
> >>> 1) All
On Aug 29, 2016, at 22:59, Nick Coghlan wrote:
> The other thing I've been looking at is how well documented the
> process is for building with a custom OpenSSL instead of the system
> one, and as near as I can tell, it isn't documented at all - the top
> level README doesn't
On 30 August 2016 at 08:56, Barry Warsaw wrote:
> On Aug 29, 2016, at 12:33 PM, Cory Benfield wrote:
>
>>Can someone explain to me why this is a use-case we care about?
>
> I do think it would be nice to be able to compile newer versions of Python on
> stock LTS releases,
> On 29 Aug 2016, at 15:31, M.-A. Lemburg wrote:
>
> Ubuntu 14.04 is a widely deployed system and newer Python version
> should run on such widely deployed systems without having to
> replace important vendor maintained system libraries such as
> OpenSSL.
That's quite the
On 30 August 2016 at 02:33, Cory Benfield wrote:
>
>> On 29 Aug 2016, at 04:09, M.-A. Lemburg wrote:
>>
>> On 28.08.2016 22:40, Christian Heimes wrote:
>>> ...
>>> I like to reduce the maintenance burden and list of supported OpenSSL
>>> versions ASAP. OpenSSL
On 8/29/2016 5:20 PM, Christian Heimes wrote:
On 2016-08-29 23:00, Gregory P. Smith wrote:
Let's make 3.7 require a higher version. The common OSS OS distros of its
time will be better prepared.
Especially is warned.
My multissl test script allows me to compile and test _ssl.c and
On Aug 29, 2016, at 12:33 PM, Cory Benfield wrote:
>Can someone explain to me why this is a use-case we care about?
I do think it would be nice to be able to compile newer versions of Python on
stock LTS releases, especially for people developing software that they want
to support on a
On 2016-08-29 23:00, Gregory P. Smith wrote:
>
> Given that you already said:
>
> """
> For 3.6 I don't require any 1.0.2 feature yet. The 1.1.0 patch keeps
> code compatible with 0.9.8zc to 1.1.0. But as soon as I use new
> features, the ssl module will no longer be source and build compatible
On Mon, Aug 29, 2016 at 1:18 PM Christian Heimes
wrote:
> On 2016-08-29 21:31, M.-A. Lemburg wrote:
> > On 29.08.2016 18:33, Cory Benfield wrote:
> >>
> >>> On 29 Aug 2016, at 04:09, M.-A. Lemburg wrote:
> >>>
> >>> On 28.08.2016 22:40, Christian Heimes
On 2016-08-29 22:10, Random832 wrote:
> On Mon, Aug 29, 2016, at 04:09, M.-A. Lemburg wrote:
>> Hmm, that last part would mean that Python 3.7 will no longer compile
>> on e.g. Ubuntu 14.04 LTS which uses OpenSSL 1.0.1 as default version.
>> Since 14.04 LTS is supported until 2019, I think it
On 2016-08-29 21:31, M.-A. Lemburg wrote:
> On 29.08.2016 18:33, Cory Benfield wrote:
>>
>>> On 29 Aug 2016, at 04:09, M.-A. Lemburg wrote:
>>>
>>> On 28.08.2016 22:40, Christian Heimes wrote:
...
I like to reduce the maintenance burden and list of supported OpenSSL
On Mon, Aug 29, 2016, at 04:09, M.-A. Lemburg wrote:
> Hmm, that last part would mean that Python 3.7 will no longer compile
> on e.g. Ubuntu 14.04 LTS which uses OpenSSL 1.0.1 as default version.
> Since 14.04 LTS is supported until 2019, I think it would be better
> to only start requiring 1.0.2
On 29.08.2016 18:33, Cory Benfield wrote:
>
>> On 29 Aug 2016, at 04:09, M.-A. Lemburg wrote:
>>
>> On 28.08.2016 22:40, Christian Heimes wrote:
>>> ...
>>> I like to reduce the maintenance burden and list of supported OpenSSL
>>> versions ASAP. OpenSSL has deprecated 0.9.8 and
On Mon, 29 Aug 2016 at 09:34 Cory Benfield wrote:
>
> > On 29 Aug 2016, at 04:09, M.-A. Lemburg wrote:
> >
> > On 28.08.2016 22:40, Christian Heimes wrote:
> >> ...
> >> I like to reduce the maintenance burden and list of supported OpenSSL
> >> versions ASAP.
> On 29 Aug 2016, at 04:09, M.-A. Lemburg wrote:
>
> On 28.08.2016 22:40, Christian Heimes wrote:
>> ...
>> I like to reduce the maintenance burden and list of supported OpenSSL
>> versions ASAP. OpenSSL has deprecated 0.9.8 and 1.0.0 last year. 1.0.1
>> will reach EOL by the
On Mon, Aug 29, 2016 at 9:16 PM, Nick Coghlan wrote:
> On 29 August 2016 at 21:05, Chris Angelico wrote:
>> On Mon, Aug 29, 2016 at 8:52 PM, Nick Coghlan wrote:
>>> For upcoming 3.6 I would like to limit support to 1.0.2+ and require
>>>
On 29 August 2016 at 21:05, Chris Angelico wrote:
> On Mon, Aug 29, 2016 at 8:52 PM, Nick Coghlan wrote:
>> For upcoming 3.6 I would like to limit support to 1.0.2+ and require
>> 1.0.2 features for 3.7.
>
> What does "limit support" mean? Will it be
On Mon, Aug 29, 2016 at 8:52 PM, Nick Coghlan wrote:
> On 29 August 2016 at 19:14, Chris Angelico wrote:
>> On Mon, Aug 29, 2016 at 6:24 PM, Christian Heimes
>> wrote:
>>> No, LTS support should not be our concern. If you need a brand
On 29 August 2016 at 19:14, Chris Angelico wrote:
> On Mon, Aug 29, 2016 at 6:24 PM, Christian Heimes
> wrote:
>> No, LTS support should not be our concern. If you need a brand new
>> version of Python on an old LTS or Enterprise version of your OS,
On Mon, Aug 29, 2016 at 6:24 PM, Christian Heimes wrote:
> No, LTS support should not be our concern. If you need a brand new
> version of Python on an old LTS or Enterprise version of your OS, please
> contact your vendor and buy support. You don't get to run old metal and
On Mon, Aug 29, 2016 at 10:24:42AM +0200, Christian Heimes wrote:
> On 2016-08-29 10:09, M.-A. Lemburg wrote:
> > On 28.08.2016 22:40, Christian Heimes wrote:
> >> ...
> >> I like to reduce the maintenance burden and list of supported OpenSSL
> >> versions ASAP. OpenSSL has deprecated 0.9.8 and
On 2016-08-29 10:09, M.-A. Lemburg wrote:
> On 28.08.2016 22:40, Christian Heimes wrote:
>> ...
>> I like to reduce the maintenance burden and list of supported OpenSSL
>> versions ASAP. OpenSSL has deprecated 0.9.8 and 1.0.0 last year. 1.0.1
>> will reach EOL by the end of this year,
>>
On 28.08.2016 22:40, Christian Heimes wrote:
> ...
> I like to reduce the maintenance burden and list of supported OpenSSL
> versions ASAP. OpenSSL has deprecated 0.9.8 and 1.0.0 last year. 1.0.1
> will reach EOL by the end of this year,
> https://www.openssl.org/policies/releasestrat.html .
On 2016-08-29 04:38, Ned Deily wrote:
> On Aug 28, 2016, at 19:06, Benjamin Peterson wrote:
>> On Sun, Aug 28, 2016, at 13:40, Christian Heimes wrote:
>>> Here is the deal for 2.7 to 3.5:
>>>
>>> 1) All versions older than 0.9.8 are completely out-of-scope and no
>>> longer
On Aug 28, 2016, at 19:06, Benjamin Peterson wrote:
> On Sun, Aug 28, 2016, at 13:40, Christian Heimes wrote:
>> Here is the deal for 2.7 to 3.5:
>>
>> 1) All versions older than 0.9.8 are completely out-of-scope and no
>> longer supported.
> +1
>> 2) 0.9.8 is semi-support.
On 29 August 2016 at 06:40, Christian Heimes wrote:
> Hi,
>
> we need to talk about OpenSSL and LibreSSL before the next release of
> Python. I'm working on a PEP. Most likely it won't be ready before the
> feature freeze.
If it's just drafting work that you need help with
> On 28 Aug 2016, at 16:40, Christian Heimes wrote:
>
> For upcoming 3.6 I would like to limit support to 1.0.2+ and require
> 1.0.2 features for 3.7. What is the status of Python.org's OSX builds?
> Is it possible to drop 0.9.8?
I strongly support this change. Python
On Sun, Aug 28, 2016, at 13:40, Christian Heimes wrote:
> Here is the deal for 2.7 to 3.5:
>
> 1) All versions older than 0.9.8 are completely out-of-scope and no
> longer supported.
+1
>
> 2) 0.9.8 is semi-support. Python will still compile and work with 0.9.8.
> However we do NOT promise