Message 214405 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	pitrou
Recipients	christian.heimes, dstufft, pitrou
Date	2014-03-21.19:07:45
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1395428866.17.0.533076056941.issue21013@psf.upfronthosting.co.za>
In-reply-to

Content
Currently, create_default_context() doesn't do anything special for server use. It seems the configuration could be improved, though: - PROTOCOL_TLSv1 is suboptimal for servers: a "TLSv1" server can't accept a TLSv1.2 client, but a "SSLv23" server will; so we should use PROTOCOL_SSLv23 (!) - we could enable ECDH by calling SSLContext.set_ecdh_curve(<something>)

Currently, create_default_context() doesn't do anything special for server use. It seems the configuration could be improved, though:

- PROTOCOL_TLSv1 is suboptimal for servers: a "TLSv1" server can't accept a TLSv1.2 client, but a "SSLv23" server will; so we should use PROTOCOL_SSLv23 (!)

- we could enable ECDH by calling SSLContext.set_ecdh_curve(<something>)

History
Date	User	Action	Args
2014-03-21 19:07:46	pitrou	set	recipients: + pitrou, christian.heimes, dstufft
2014-03-21 19:07:46	pitrou	set	messageid: <1395428866.17.0.533076056941.issue21013@psf.upfronthosting.co.za>
2014-03-21 19:07:46	pitrou	link	issue21013 messages
2014-03-21 19:07:45	pitrou	create