Message 271008 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	alex
Recipients	CristiFati, alex, christian.heimes, dstufft, giampaolo.rodola, janssen, pitrou
Date	2016-07-22.18:09:45
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1469210986.32.0.803946267736.issue27592@psf.upfronthosting.co.za>
In-reply-to

Content
I'm opposed to adding FIPS knobs to Python's SSL module for a few reasons: - FIPS is a bad standard (which I'm happy to talk at length about) - OpenSSL is regularly on the verge of dropping FIPS support (https://www.openssl.org/blog/blog/2016/07/20/fips/ is the most recent rescue from the brink of removal) - It further ties us to the OpenSSL API, in favor of being a more general purpose SSL API.

I'm opposed to adding FIPS knobs to Python's SSL module for a few reasons:

- FIPS is a bad standard (which I'm happy to talk at length about)
- OpenSSL is regularly on the verge of dropping FIPS support (https://www.openssl.org/blog/blog/2016/07/20/fips/ is the most recent rescue from the brink of removal)
- It further ties us to the OpenSSL API, in favor of being a more general purpose SSL API.

History
Date	User	Action	Args
2016-07-22 18:09:46	alex	set	recipients: + alex, janssen, pitrou, giampaolo.rodola, christian.heimes, dstufft, CristiFati
2016-07-22 18:09:46	alex	set	messageid: <1469210986.32.0.803946267736.issue27592@psf.upfronthosting.co.za>
2016-07-22 18:09:46	alex	link	issue27592 messages
2016-07-22 18:09:45	alex	create