Message 72446 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	janssen
Recipients	heikki, janssen
Date	2008-09-04.01:14:25
SpamBayes Score	5.444985e-06
Marked as misclassified	No
Message-id	<1220490866.6.0.0918567025246.issue3597@psf.upfronthosting.co.za>
In-reply-to

Content
I'm afraid you're ahead of me in knowledge here. I've experimented with the ciphers a bit, but there seem to be various compatibility issues. I finally decided to let the OpenSSL folks and various standard groups worry about this; the designation of SSL 2, SSL 3, or TLS 1, is supposed to select the appropriate cipher groups. Now, as to making the default be different: we discussed this on python-dev a bit. I think it might make sense to default to TLS 1, even at the expense of compatibility, but we (the two or three of us actually discussing it) finally decided to go with what the current Python socket.ssl module used.

I'm afraid you're ahead of me in knowledge here.  I've experimented with
the ciphers a bit, but there seem to be various compatibility issues.  I
finally decided to let the OpenSSL folks and various standard groups
worry about this; the designation of SSL 2, SSL 3, or TLS 1, is supposed
to select the appropriate cipher groups.

Now, as to making the default be different:  we discussed this on
python-dev a bit.  I think it might make sense to default to TLS 1, even
at the expense of compatibility, but we (the two or three of us actually
discussing it) finally decided to go with what the current Python
socket.ssl module used.

History
Date	User	Action	Args
2008-09-04 01:14:26	janssen	set	recipients: + janssen, heikki
2008-09-04 01:14:26	janssen	set	messageid: <1220490866.6.0.0918567025246.issue3597@psf.upfronthosting.co.za>
2008-09-04 01:14:26	janssen	link	issue3597 messages
2008-09-04 01:14:25	janssen	create