This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author dstufft
Recipients alex, christian.heimes, dstufft, pitrou
Date 2014-03-22.18:25:25
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
To be clear though, a lot of TLS servers out there still have SSL3.0 enabled by default, primarily because of IE6 / XP. I'm on the fence about what the right answer is for create_default_context. From a strictly "best practices for security" sense of view you want to disable SSLv3 (and this matches what create_default_context did prior to my patch).

Can we perhaps split the difference and disable SSL3.0 and document what the error looks like when you try to connect with SSL3.0 and how to re-enable it?
Date User Action Args
2014-03-22 18:25:25dstufftsetrecipients: + dstufft, pitrou, christian.heimes, alex
2014-03-22 18:25:25dstufftsetmessageid: <>
2014-03-22 18:25:25dstufftlinkissue21013 messages
2014-03-22 18:25:25dstufftcreate