Message214405
Currently, create_default_context() doesn't do anything special for server use. It seems the configuration could be improved, though:
- PROTOCOL_TLSv1 is suboptimal for servers: a "TLSv1" server can't accept a TLSv1.2 client, but a "SSLv23" server will; so we should use PROTOCOL_SSLv23 (!)
- we could enable ECDH by calling SSLContext.set_ecdh_curve(<something>) |
|
Date |
User |
Action |
Args |
2014-03-21 19:07:46 | pitrou | set | recipients:
+ pitrou, christian.heimes, dstufft |
2014-03-21 19:07:46 | pitrou | set | messageid: <1395428866.17.0.533076056941.issue21013@psf.upfronthosting.co.za> |
2014-03-21 19:07:46 | pitrou | link | issue21013 messages |
2014-03-21 19:07:45 | pitrou | create | |
|