Message 202256 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	pitrou
Recipients	christian.heimes, docs@python, giampaolo.rodola, janssen, pitrou
Date	2013-11-06.08:54:56
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1383728096.32.0.681470653398.issue19508@psf.upfronthosting.co.za>
In-reply-to

Content
There is already an entire section about this: http://docs.python.org/dev/library/ssl.html#security-considerations It's up to consumers of the API to choose their security policy, the ssl module merely provides building blocks to implement it. I think the ssl docs are sufficiently explicit about it right now, we're not going to add warnings every time we think something is important to read. As for "developers [who] are still surprised", well, most of them shouldn't use the ssl module directly.

There is already an entire section about this:
http://docs.python.org/dev/library/ssl.html#security-considerations

It's up to consumers of the API to choose their security policy, the ssl module merely provides building blocks to implement it. I think the ssl docs are sufficiently explicit about it right now, we're not going to add warnings every time we think something is important to read.

As for "developers [who] are still surprised", well, most of them shouldn't use the ssl module directly.

History
Date	User	Action	Args
2013-11-06 08:54:56	pitrou	set	recipients: + pitrou, janssen, giampaolo.rodola, christian.heimes, docs@python
2013-11-06 08:54:56	pitrou	set	messageid: <1383728096.32.0.681470653398.issue19508@psf.upfronthosting.co.za>
2013-11-06 08:54:56	pitrou	link	issue19508 messages
2013-11-06 08:54:56	pitrou	create