This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author pitrou
Recipients Arfrever, alex, benjamin.peterson, christian.heimes, dstufft, ezio.melotti, lemburg, ncoghlan, pitrou, r.david.murray, vstinner
Date 2014-03-21.18:55:13
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1395428111.2312.5.camel@fsol>
In-reply-to <1395427966.86.0.384115471333.issue20995@psf.upfronthosting.co.za>
Content 
> Er, I typed issue and meant usage. Right now the only difference
> between restricted ciphers and the default ciphers is restricted
> ciphers have no RC4 and no DSS. You wanted this issue limited to
> client changes and I'm not sure how to do that without enabling
> RC4/DSS for servers (which is a regression in the security of the
> restricted ciphers).

Hmm, fair enough, let's change them all at once here. Also, since
"restricted ciphers" aren't actually used by stdlib modules, I changed
my mind and think it's ok to disable RC4 and DSS :-)

I'll still open another issue for server-specific configuration: not the
ciphers, but other stuff.
History
Date User Action Args
2014-03-21 18:55:13pitrousetrecipients: + pitrou, lemburg, ncoghlan, vstinner, christian.heimes, benjamin.peterson, ezio.melotti, Arfrever, alex, r.david.murray, dstufft
2014-03-21 18:55:13pitroulinkissue20995 messages
2014-03-21 18:55:13pitroucreate