[Python-Dev] PEP 466: Proposed policy change for handling network security enhancements
Donald Stufft
donald at stufft.io
Sun Mar 23 00:57:55 CET 2014
More information about the Python-Dev mailing list
Sun Mar 23 00:57:55 CET 2014
- Previous message: [Python-Dev] PEP 466: Proposed policy change for handling network security enhancements
- Next message: [Python-Dev] PEP 466: Proposed policy change for handling network security enhancements
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
They detect for ssl to have the SSLContext and use it if it's available. > On Mar 22, 2014, at 7:54 PM, Paul Moore <p.f.moore at gmail.com> wrote: > >> On 22 March 2014 23:49, Donald Stufft <donald at stufft.io> wrote: >> In the case of requests they already have an optional dependency on >> pyopenssl. It's just many people either don't know they should use it, are >> unable to use it, or unwilling to use the python packaging tool chain >> because of its current flaws. > > Do they use the new features in the Python 3.x ssl module when it's > available to give the same level of security as having pyopenssl > would, or do they use a "lowest common denominator" (i.e., 2.x > compatible) level of security when using the stdlib? If the latter, > that would be very, very sad. > > Paul
- Previous message: [Python-Dev] PEP 466: Proposed policy change for handling network security enhancements
- Next message: [Python-Dev] PEP 466: Proposed policy change for handling network security enhancements
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-Dev mailing list