Message 229385 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	pitrou
Recipients	alex, christian.heimes, dstufft, giampaolo.rodola, janssen, pitrou, vstinner
Date	2014-10-14.23:33:05
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1413329585.4.0.799899573915.issue22638@psf.upfronthosting.co.za>
In-reply-to

Content
> OpenSSL generally doesn't have bad options disabled until they are years old. OpenSSL takes the stance that it's up to the consumers of the OpenSSL API to properly configure themselves. The point is, if they start exposing it, we can enable it ourselves. > I'm not 100% sure but I don't believe Python has such a dance so TLS_FALLBACK_SCSV does nothing for us. Well, the ssl module can also be used in server mode.

> OpenSSL generally doesn't have bad options disabled until they are years old. OpenSSL takes the stance that it's up to the consumers of the OpenSSL API to properly configure themselves.

The point is, if they start exposing it, we can enable it ourselves.

> I'm not 100% sure but I don't believe Python has such a dance so TLS_FALLBACK_SCSV does nothing for us.

Well, the ssl module can also be used in server mode.

History
Date	User	Action	Args
2014-10-14 23:33:05	pitrou	set	recipients: + pitrou, janssen, vstinner, giampaolo.rodola, christian.heimes, alex, dstufft
2014-10-14 23:33:05	pitrou	set	messageid: <1413329585.4.0.799899573915.issue22638@psf.upfronthosting.co.za>
2014-10-14 23:33:05	pitrou	link	issue22638 messages
2014-10-14 23:33:05	pitrou	create