Message 214422 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	pitrou
Recipients	Arfrever, alex, benjamin.peterson, christian.heimes, dstufft, ezio.melotti, lemburg, ncoghlan, pitrou, r.david.murray, vstinner
Date	2014-03-22.00:40:50
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1395448850.74.0.505137319265.issue20995@psf.upfronthosting.co.za>
In-reply-to

Content
Well, the doc currently says: """Starting from Python 3.2.3, the ssl module disables certain weak ciphers by default, but you may want to further restrict the cipher choice. For example:: context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) context.set_ciphers('HIGH:!aNULL:!eNULL')""" But after your changes, calling set_ciphers('HIGH:!aNULL:!eNULL') will actually weaken security, so this example should simply be removed (IMHO).

Well, the doc currently says:

"""Starting from Python 3.2.3, the
ssl module disables certain weak ciphers by default, but you may want
to further restrict the cipher choice.  For example::

   context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
   context.set_ciphers('HIGH:!aNULL:!eNULL')"""

But after your changes, calling set_ciphers('HIGH:!aNULL:!eNULL') will actually weaken security, so this example should simply be removed (IMHO).

History
Date	User	Action	Args
2014-03-22 00:40:50	pitrou	set	recipients: + pitrou, lemburg, ncoghlan, vstinner, christian.heimes, benjamin.peterson, ezio.melotti, Arfrever, alex, r.david.murray, dstufft
2014-03-22 00:40:50	pitrou	set	messageid: <1395448850.74.0.505137319265.issue20995@psf.upfronthosting.co.za>
2014-03-22 00:40:50	pitrou	link	issue20995 messages
2014-03-22 00:40:50	pitrou	create