Message271008
I'm opposed to adding FIPS knobs to Python's SSL module for a few reasons:
- FIPS is a bad standard (which I'm happy to talk at length about)
- OpenSSL is regularly on the verge of dropping FIPS support (https://www.openssl.org/blog/blog/2016/07/20/fips/ is the most recent rescue from the brink of removal)
- It further ties us to the OpenSSL API, in favor of being a more general purpose SSL API. |
|
Date |
User |
Action |
Args |
2016-07-22 18:09:46 | alex | set | recipients:
+ alex, janssen, pitrou, giampaolo.rodola, christian.heimes, dstufft, CristiFati |
2016-07-22 18:09:46 | alex | set | messageid: <1469210986.32.0.803946267736.issue27592@psf.upfronthosting.co.za> |
2016-07-22 18:09:46 | alex | link | issue27592 messages |
2016-07-22 18:09:45 | alex | create | |
|