-----Original Message----- From: Donald Stufft <[email protected]> Reply: Donald Stufft <[email protected]> Date: January 12, 2017 at 13:46:26 To: Cory Benfield <[email protected]> Cc: [email protected] <[email protected]>, Christian Heimes <[email protected]> Subject: Re: [Security-sig] Unified TLS API for Python
> > > On Jan 12, 2017, at 2:39 PM, Cory Benfield wrote: > > > > I'm not even sure about the specific API we're using for SNI: I might just > > want to restrict > it to emitting new certificates. > > > I am pro restricting the API, can always relax restrictions later. Expanding APIs is always leagues easier than contracting them. Starting off with the minimum necessary API makes perfect sense. As needs are found that it cannot meet, then expanding it slowly and methodically will be easy and painless. In other words, +1 on keeping it small to start and restricting the API. -- Ian Cordasco _______________________________________________ Security-SIG mailing list [email protected] https://mail.python.org/mailman/listinfo/security-sig
