Message214306
Oh, Additionally Marc:
Even if some system administrator or some system out there does patch their OpenSSL to actually be safe by default Python changing it's cipher string only adds to the potential security (or at worst does nothing). If even one system (of which there are legion) does not do that patch then Python changing it's ciphers will protect that user.
The failure mode for a bad cipher is silent insecurity, the failure mode for not having a needed cipher is an obvious error. |
|
Date |
User |
Action |
Args |
2014-03-20 23:33:18 | dstufft | set | recipients:
+ dstufft, lemburg, ncoghlan, pitrou, vstinner, christian.heimes, benjamin.peterson, ezio.melotti, Arfrever, alex, r.david.murray |
2014-03-20 23:33:18 | dstufft | set | messageid: <1395358398.54.0.175789268673.issue20995@psf.upfronthosting.co.za> |
2014-03-20 23:33:18 | dstufft | link | issue20995 messages |
2014-03-20 23:33:18 | dstufft | create | |
|