[Python-Dev] PEP 466: Proposed policy change for handling network security enhancements

Skip Montanaro skip at pobox.com
Mon Mar 24 15:18:49 CET 2014


On Mon, Mar 24, 2014 at 9:11 AM, Nick Coghlan <ncoghlan at gmail.com> wrote:

> For example, RHEL7 and derivatives are already locked in to 2.7 until 2024, RHEL6 and derivatives are locked in to 2.6 until 2020. The only way to keep those combinations of RHEL and the Python 2 standard library from holding back the evolution of internet security standards is to find a way to solve the problem within the 2.7 line in such a way that I can then make the case for also backporting it to 2.6 in a RHEL6 point release.

Thanks for the explanation. I'm still a bit confused though. If there are backward compatibility issues with the proposed changes (whatever they turn out to be), are the commercial redistributors still going to balk at releasing these changes to their customers? From the reading I've done (this thread and your second iteration of the PEP), it seems like application developers will have to make some changes to take advantage of these updated security bits. Is there some path forward that really makes everything a drop-in improvement, requiring no change to application code, and breaking nothing that already works?

Skip


