Message202256
There is already an entire section about this:
http://docs.python.org/dev/library/ssl.html#security-considerations
It's up to consumers of the API to choose their security policy, the ssl module merely provides building blocks to implement it. I think the ssl docs are sufficiently explicit about it right now, we're not going to add warnings every time we think something is important to read.
As for "developers [who] are still surprised", well, most of them shouldn't use the ssl module directly. |
|
Date |
User |
Action |
Args |
2013-11-06 08:54:56 | pitrou | set | recipients:
+ pitrou, janssen, giampaolo.rodola, christian.heimes, docs@python |
2013-11-06 08:54:56 | pitrou | set | messageid: <1383728096.32.0.681470653398.issue19508@psf.upfronthosting.co.za> |
2013-11-06 08:54:56 | pitrou | link | issue19508 messages |
2013-11-06 08:54:56 | pitrou | create | |
|