Message229385
> OpenSSL generally doesn't have bad options disabled until they are years old. OpenSSL takes the stance that it's up to the consumers of the OpenSSL API to properly configure themselves.
The point is, if they start exposing it, we can enable it ourselves.
> I'm not 100% sure but I don't believe Python has such a dance so TLS_FALLBACK_SCSV does nothing for us.
Well, the ssl module can also be used in server mode. |
|
Date |
User |
Action |
Args |
2014-10-14 23:33:05 | pitrou | set | recipients:
+ pitrou, janssen, vstinner, giampaolo.rodola, christian.heimes, alex, dstufft |
2014-10-14 23:33:05 | pitrou | set | messageid: <1413329585.4.0.799899573915.issue22638@psf.upfronthosting.co.za> |
2014-10-14 23:33:05 | pitrou | link | issue22638 messages |
2014-10-14 23:33:05 | pitrou | create | |
|