On 13 January 2017 at 07:05, Wes Turner <wes.tur...@gmail.com> wrote: > +1 for start simple and iterate; > but expecting a config object is not easy to add later.
Yes, it is - all that is necessary is to add a "make_ssl_context" helper function that translates from the declarative configuration format (however defined) to the programmatic API and returns a configured context of the requested type. The appropriate time to define that lowest-common-denominator configuration format is *after* there is a working programmatic API that covers at least the 3 major implementations of interest (OpenSSL, SecureTransport, SChannel), and hopefully a few other implementations as well (e.g. NSS, BoringSSL). Cheers, Nick. -- Nick Coghlan | ncogh...@gmail.com | Brisbane, Australia _______________________________________________ Security-SIG mailing list Security-SIG@python.org https://mail.python.org/mailman/listinfo/security-sig
