This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author dstufft
Recipients Arfrever, alex, benjamin.peterson, christian.heimes, dstufft, ezio.melotti, lemburg, ncoghlan, pitrou, r.david.murray, vstinner
Date 2014-03-20.23:15:39
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1395357339.39.0.468807870927.issue20995@psf.upfronthosting.co.za>
In-reply-to
Content 
> > Again, Python is already forcing a set of ciphers. I don't know what sort of
> > Systems you use, but even RHEL 6.5 has *horrible* ciphers by in the OpenSSL
> > default set. Things like DES (not 3DES, DES) and 40bit RC4.
> 
> I wonder why RedHat doesn't bother changing the defaults.
> Did nobody ever report the issue to them, or are they more conservative
> than we are?

I don't know why. Probably because the OpenSSL defaults are not intended to
be secure so OpenSSL is working as intended. The users of OpenSSL are intended
to use the cipher selection string to secure themselves.
History
Date User Action Args
2014-03-20 23:15:39dstufftsetrecipients: + dstufft, lemburg, ncoghlan, pitrou, vstinner, christian.heimes, benjamin.peterson, ezio.melotti, Arfrever, alex, r.david.murray
2014-03-20 23:15:39dstufftsetmessageid: <1395357339.39.0.468807870927.issue20995@psf.upfronthosting.co.za>
2014-03-20 23:15:39dstufftlinkissue20995 messages
2014-03-20 23:15:39dstufftcreate