[issue20995] Use Better Default Ciphers for the SSL Module

Mark Kubacki added the comment: The cipher strings rely too much on AES for my taste. Imagine that ChaCha20Poly1305 or any other strong cipher suite is introduced to OpenSSL in the future. Enabling using general, and demoting using narrow terms, seems IMHO a better approach. For example

[issue20995] Use Better Default Ciphers for the SSL Module

Mark Kubacki added the comment: Thanks for the detailed insight, Donald! And I certainly love the progress these changes here bring. :-) Perhaps limiting the scope to ChaCha20Poly1305 (»CCP«) has been a wrong approach of mine to explain my concerns: We should not refer to any particular

[issue5639] Support TLS SNI extension in ssl module

Changes by Mark Kubacki wm...@hurrikane.de: Removed file: http://bugs.python.org/file30757/python-2.7.5-tlssni.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue5639

[issue5639] Support TLS SNI extension in ssl module

Changes by Mark Kubacki wm...@hurrikane.de: Added file: http://bugs.python.org/file30778/python-2.7.5-tlssni.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue5639

[issue5639] Support TLS SNI extension in ssl module

Changes by Mark Kubacki wm...@hurrikane.de: Removed file: http://bugs.python.org/file30778/python-2.7.5-tlssni.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue5639

[issue5639] Support TLS SNI extension in ssl module

Changes by Mark Kubacki wm...@hurrikane.de: Added file: http://bugs.python.org/file30779/python-2.7.5-tlssni.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue5639

[issue5639] Support TLS SNI extension in ssl module

Changes by Mark Kubacki wm...@hurrikane.de: Added file: http://bugs.python.org/file30757/python-2.7.5-tlssni.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue5639

[issue5639] Support TLS SNI extension in ssl module

Mark Kubacki added the comment: Python 2.7 is still used in production. Given the scarcity of IPv4-addresses — and with CDNs (think: Amazon, Akamai, EdgeCast…) starting to offer HTTP+SSL — the need for SNI arises in order to avoid pitfalls such as shared certificates. The lack of ubiquitous

[issue5639] Support TLS SNI extension in ssl module

Mark Kubacki added the comment: Antoine, thank you for the heads-up. As long as I've reminded distribution maintainers of this issue and this or a similar patch (always send a server_hostname with TLS, if one is missing) will be integrated (please do!) I've accomplished my goal. BTW, today

[issue16113] Add SHA-3 (Keccak) support

Changes by Mark Kubacki wm...@hurrikane.de: -- nosy: +markk ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue16113 ___ ___ Python-bugs-list mailing

[issue16692] Support TLS 1.1 and TLS 1.2

Mark Kubacki added the comment: Raw backport for Python 2.7. ›raw‹ like in some options are in _ssl only. (_ssl.{err_names_to_codes,err_codes_to_names,lib_codes_to_names,…}) -- nosy: +markk Added file: http://bugs.python.org/file30761/python-2.7.5-tls1.1-and-tls1.2.patch