This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author christian.heimes
Recipients alex, christian.heimes, dstufft, janssen, ned.deily
Date 2019-06-28.14:29:05
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
httplib.client does not enable post-handshake authentication for TLS 1.3 connections. PHA is necessary for TLS 1.3 connections to servers that have conditional client cert authentication. For example Apache mod_ssl uses PHA when only certain paths or request methods require a client cert to authenticate a client.

Since TLS 1.3 is enabled by default with OpenSSL 1.1.1 and TLS 1.3 is preferred over TLS 1.2, the lack of PHA extension breaks backwards compatibility.
Date User Action Args
2019-06-28 14:29:05christian.heimessetrecipients: + christian.heimes, janssen, ned.deily, alex, dstufft
2019-06-28 14:29:05christian.heimessetmessageid: <>
2019-06-28 14:29:05christian.heimeslinkissue37440 messages
2019-06-28 14:29:05christian.heimescreate