Message 275310 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	christian.heimes
Recipients	alex, christian.heimes, dstufft, giampaolo.rodola, janssen, ncoghlan
Date	2016-09-09.11:18:41
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1473419921.81.0.961538270346.issue28043@psf.upfronthosting.co.za>
In-reply-to

Content
I like to introduce sane defaults for SSLContext options and ciphers: Changed in version 3.6: The context is created with more secure default values. PROTOCOL_TLS is the default protocol. The options OP_NO_COMPRESSION, OP_CIPHER_SERVER_PREFERENCE, OP_SINGLE_DH_USE, OP_SINGLE_ECDH_USE, OP_NO_SSLv2 (except for PROTOCOL_SSLv2), and OP_NO_SSLv3 (except for PROTOCOL_SSLv3) are set by default. The initial cipher suite list contains only HIGH ciphers, no NULL ciphers and MD5 ciphers (except for PROTOCOL_SSLv2).

I like to introduce sane defaults for SSLContext options and ciphers:

Changed in version 3.6: The context is created with more secure default values. PROTOCOL_TLS is the default protocol. The options OP_NO_COMPRESSION, OP_CIPHER_SERVER_PREFERENCE, OP_SINGLE_DH_USE, OP_SINGLE_ECDH_USE, OP_NO_SSLv2 (except for PROTOCOL_SSLv2), and OP_NO_SSLv3 (except for PROTOCOL_SSLv3) are set by default. The initial cipher suite list contains only HIGH ciphers, no NULL ciphers and MD5 ciphers (except for PROTOCOL_SSLv2).

History
Date	User	Action	Args
2016-09-09 11:18:42	christian.heimes	set	recipients: + christian.heimes, ncoghlan, janssen, giampaolo.rodola, alex, dstufft
2016-09-09 11:18:41	christian.heimes	set	messageid: <1473419921.81.0.961538270346.issue28043@psf.upfronthosting.co.za>
2016-09-09 11:18:41	christian.heimes	link	issue28043 messages
2016-09-09 11:18:41	christian.heimes	create