Message 274706 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	larry
Recipients	Jim.Jewett, Lukasa, alex, christian.heimes, dstufft, georg.brandl, giampaolo.rodola, hynek, janssen, larry, python-dev, steve.dower
Date	2016-09-07.02:26:06
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1473215166.77.0.206023213518.issue27850@psf.upfronthosting.co.za>
In-reply-to

Content
> The difference between a security feature and a security fix > is incredibly hard to differentiate. I'm not buying this argument. > For instance, with 3DES being de-recommended (and removed in future > OpenSSLs) that leaves basically only AES-GCM and AES-CBC left as a > secure cipher. Future OpenSSLs don't affect Python 3.4, as Python 3.4 won't be upgraded to them. Anyway we don't ship binary installers for 3.4 anymore. Please don't check in support for new cyphers to 3.4.

> The difference between a security feature and a security fix
> is incredibly hard to differentiate.

I'm not buying this argument.


> For instance, with 3DES being de-recommended (and removed in future
> OpenSSLs) that leaves basically only AES-GCM and AES-CBC left as a
> secure cipher.

Future OpenSSLs don't affect Python 3.4, as Python 3.4 won't be upgraded to them.  Anyway we don't ship binary installers for 3.4 anymore.

Please don't check in support for new cyphers to 3.4.

History
Date	User	Action	Args
2016-09-07 02:26:06	larry	set	recipients: + larry, georg.brandl, janssen, giampaolo.rodola, christian.heimes, alex, python-dev, hynek, Jim.Jewett, steve.dower, dstufft, Lukasa
2016-09-07 02:26:06	larry	set	messageid: <1473215166.77.0.206023213518.issue27850@psf.upfronthosting.co.za>
2016-09-07 02:26:06	larry	link	issue27850 messages
2016-09-07 02:26:06	larry	create