[Python-Dev] PEP 466: Proposed policy change for handling network security enhancements (original) (raw)
Guido van Rossum guido at python.org
Sun Mar 23 02:37:24 CET 2014
- Previous message: [Python-Dev] PEP 466: Proposed policy change for handling network security enhancements
- Next message: [Python-Dev] PEP 466: Proposed policy change for handling network security enhancements
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I'm a bit under the weather and I'm not sure what to think of this yet. With that provision, and trying to be brief:
I agree that there are security concerns about Python 2.7 that can't be addressed by recommending Python 3.4 instead. I also agree that the ban on new features in old releases can be stifling. But I also worry about breaking working code.
I am a bit worried that writing a PEP (at least this specific PEP) would become less about arguing for a specific technical (or even political) idea, and more about putting "weasel words" in an official document so that it can be used to justify future actions without due process.
I wonder whether there is a specific narrower proposal (e.g. add SSLContext to Python 2.7.7?) that would make the discussion more concrete.
-- --Guido van Rossum (python.org/~guido) -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20140322/fbd2c12a/attachment.html>
- Previous message: [Python-Dev] PEP 466: Proposed policy change for handling network security enhancements
- Next message: [Python-Dev] PEP 466: Proposed policy change for handling network security enhancements
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]