[Python-Dev] PEP 466 (round 4): Python 2.7 network security enhancements (original) (raw)
Nick Coghlan ncoghlan at gmail.com
Wed Mar 26 00:03:52 CET 2014
- Previous message: [Python-Dev] PEP 466 (round 4): Python 2.7 network security enhancements
- Next message: [Python-Dev] PEP 466 (round 4): Python 2.7 network security enhancements
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 26 Mar 2014 08:35, "Antoine Pitrou" <solipsis at pitrou.net> wrote:
On Tue, 25 Mar 2014 23:09:45 +1000 Nick Coghlan <ncoghlan at gmail.com> wrote: > > Alternative: selectively backport particular APIs > ------------------------------------------------- > > An instinctively minimalist reaction to this proposal is to only backport > particular APIs in the affected modules that are judged to be "security > critical". However, this ends up providing a worse end user experience, > as well as a worse developer experience. > > For end users, the selective backporting approach means learning not only > the legacy Python 2.7 API and the current Python 3 APIs, but also the > hybrid API created by the selective backporting process. I think this is a strawman, since you are also advocating for a "feature detection" approach to writing cross-version code. It is already required, actually, if wanting to write code compatible from 3.2 to 3.4 (for example, SSLContext exists in 3.2 but createdefaultcontext appears in 3.4 while OPNOCOMPRESSION appears in 3.3). I would much rather selectively backport a minimal set of APIs than the whole range of ssl APIs. There are things there (RANDbytes, RANDpseudobytes) that are not even useful for network security, or only in a rather uncommon manner (such as channel bindings).
Yeah, I think this is a valid point, and, as Guido noted, we also want the option to skip backporting things if they depend on other aspects of Python 3 that we decide can't be backported.
So a feature-by-feature decision making process actually does make more sense than a blanket exemption.
Cheers, Nick.
Regards Antoine.
Python-Dev mailing list Python-Dev at python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/ncoghlan%40gmail.com -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20140326/b34b7c46/attachment.html>
- Previous message: [Python-Dev] PEP 466 (round 4): Python 2.7 network security enhancements
- Next message: [Python-Dev] PEP 466 (round 4): Python 2.7 network security enhancements
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]