This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author benjamin.peterson
Recipients benjamin.peterson, christian.heimes, larry, ned.deily
Date 2017-01-02.21:58:01
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1483394278.4046232.835312409.25C3A392@webmail.messagingengine.com>
In-reply-to <1483391244.76.0.29431388133.issue29136@psf.upfronthosting.co.za>
Content 
I think that's fine for 2.7.

On Mon, Jan 2, 2017, at 13:07, Christian Heimes wrote:
> 
> New submission from Christian Heimes:
> 
> OpenSSL 1.1.1 is going to provide TLS 1.3. The preferred protocols
> PROTOCOL_TLS (old name PROTOCOL_SSLv23), PROTOCOL_TLS_CLIENT and
> PROTOCOL_TLS_SERVER are going to have TLS 1.3 enabled by default. In
> order to disable TLS 1.3, let's add OP_NO_TLSv1_3 to _ssl.c and guard it
> with #ifdef SSL_OP_NO_TLSv1_3
> 
> https://github.com/openssl/openssl/blob/d2e491f225d465b11f18a466bf399d4a899cb50e/include/openssl/ssl.h#L346
> 
> Benjamin, Larry, Ned, are you ok with a new flag? OpenSSL 1.1.1 won't be
> available any time soon. I like to add the flag *after* the upcoming
> round of releases.
> 
> ----------
> assignee: christian.heimes
> components: SSL
> messages: 284504
> nosy: benjamin.peterson, christian.heimes, larry, ned.deily
> priority: normal
> severity: normal
> stage: needs patch
> status: open
> title: Add OP_NO_TLSv1_3
> type: enhancement
> versions: Python 2.7, Python 3.5, Python 3.6, Python 3.7
> 
> _______________________________________
> Python tracker <report@bugs.python.org>
> <http://bugs.python.org/issue29136>
> _______________________________________
History
Date User Action Args
2017-01-02 21:58:01benjamin.petersonsetrecipients: + benjamin.peterson, larry, christian.heimes, ned.deily
2017-01-02 21:58:01benjamin.petersonlinkissue29136 messages
2017-01-02 21:58:01benjamin.petersoncreate