Message 150021 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	pitrou
Recipients	gregory.p.smith, jcea, naif, pitrou
Date	2011-12-21.17:26:39
SpamBayes Score	2.1296313e-05
Marked as misclassified	No
Message-id	<1324488358.3385.27.camel@localhost.localdomain>
In-reply-to	<1324486791.94.0.490262661912.issue13636@psf.upfronthosting.co.za>

Content
> with your latest proposal 'HIGH:!aNULL:!eNULL:!SSLv2' : > - MD5 was disabled > - IDEA was disabled > - SEED was disabled That was the consequence of it, but that wasn't an explicit goal. > Generally speaking, as a concept to define a default we could: > - Start from a FIPS-140 compliant SSL stack > - Open some additional ciphers for compatibility reason (for example > RC4-SHA) > > What do you think about such approach? As I already said, the more sophisticated the approach, the more tedious the maintenance.

> with your latest proposal 'HIGH:!aNULL:!eNULL:!SSLv2' :
> - MD5 was disabled
> - IDEA was disabled
> - SEED was disabled

That was the consequence of it, but that wasn't an explicit goal.

> Generally speaking, as a concept to define a default we could:
> - Start from a FIPS-140 compliant SSL stack
> - Open some additional ciphers for compatibility reason (for example
> RC4-SHA)
> 
> What do you think about such approach?

As I already said, the more sophisticated the approach, the more tedious
the maintenance.

History
Date	User	Action	Args
2011-12-21 17:26:40	pitrou	set	recipients: + pitrou, gregory.p.smith, jcea, naif
2011-12-21 17:26:39	pitrou	link	issue13636 messages
2011-12-21 17:26:39	pitrou	create