Re: [Security-sig] Unified TLS API for Python

Cory Benfield Thu, 12 Jan 2017 00:48:07 -0800

> On 11 Jan 2017, at 21:44, Wes Turner <wes.tur...@gmail.com> wrote:
> 
> This may be a bit of a different use case (and possibly worth having in the 
> first version of a new tls module):
> 
> "Hitless TLS Certificate Rotation in Go"
> https://diogomonica.com/2017/01/11/hitless-tls-certificate-rotation-in-go/ 
> <https://diogomonica.com/2017/01/11/hitless-tls-certificate-rotation-in-go/>
> 
> - Can/could this be done with only set_sni_callback ?


Yes, it can be. Twisted has an extension module, txsni, that uses the SNI 
callback to choose which certificate to provide. This is basically identical to 
the Go GetCertificate callback function.

Cory

_______________________________________________
Security-SIG mailing list
Security-SIG@python.org
https://mail.python.org/mailman/listinfo/security-sig

Re: [Security-sig] Unified TLS API for Python

Reply via email to