Message 183730 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	fweimer
Recipients	Ben.Darnell, fweimer, pitrou, python-dev
Date	2013-03-08.09:26:07
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1362734768.18.0.960113327419.issue13747@psf.upfronthosting.co.za>
In-reply-to

Content
OpenSSL cross-version updates are sometimes difficult because they invalidate certifications. Updating Python to SSLv23 with SSL_OP_NO_SSLv2 is comparatively easy and also much less riskier. Shall I submit a patch which changes the default? I would also like to restrict the cipher suites to strong ones plus RC4, so that Python code isn't forced to set cipher preferences.

OpenSSL cross-version updates are sometimes difficult because they invalidate certifications.  Updating Python to SSLv23 with SSL_OP_NO_SSLv2 is comparatively easy and also much less riskier.

Shall I submit a patch which changes the default?  I would also like to restrict the cipher suites to strong ones plus RC4, so that Python code isn't forced to set cipher preferences.

History
Date	User	Action	Args
2013-03-08 09:26:08	fweimer	set	recipients: + fweimer, pitrou, python-dev, Ben.Darnell
2013-03-08 09:26:08	fweimer	set	messageid: <1362734768.18.0.960113327419.issue13747@psf.upfronthosting.co.za>
2013-03-08 09:26:08	fweimer	link	issue13747 messages
2013-03-08 09:26:07	fweimer	create