[Python-Dev] PEP 466 (round 4): Python 2.7 network security enhancements (original) (raw)

Guido van Rossum guido at python.org
Thu Mar 27 16:54:02 CET 2014


BTW, my intention was also to set a precedent for future additions to the list. "We did this before" is a great argument to help smooth the path, without bypassing deliberations altogether. On Mar 27, 2014 2:33 AM, "Nick Coghlan" <ncoghlan at gmail.com> wrote:

On 27 March 2014 18:02, Stephen J. Turnbull <stephen at xemacs.org> wrote: > Alex Gaynor writes: > > > Here's my proposed list of such featuers: > > And suppose that list grows over time? After all, it once was []. > > If we go for a feature-by-feature list, that has two more-or-less > hidden costs. (1) Python-Dev has to specify which ones, and either > risks a new specification debate in the future, or needs to spend > time now describing criteria and processes for extending the list.

It's not a hidden cost - it's a deliberately chosen one. Guido was wary of an open-ended agreement, so by enumerating the precise set of missing features in Python 2.7 that are causing concern for the network security folks, we get to address the immediate problem, without granting permission to backport further arbitrary features without additional discussion. > (2) Users may need to worry about the list. (OTOH, as long as the > list is restricted to features in certain modules, users can choose to > assume anything in those modules may have changed behavior and that's > no different from Nick's proposal for them.) The PEP already specifically advises that cross-version compatible code use feature detection rather than version checks. For network security, it's recommended to avoid using the low level modules directly, anyway - it's much better to use a higher level library like requests, to reduce the number of places where we need to get the security design right. Cheers, Nick. -- Nick Coghlan | ncoghlan at gmail.com | Brisbane, Australia


Python-Dev mailing list Python-Dev at python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/guido%40python.org -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20140327/781ea4da/attachment.html>



More information about the Python-Dev mailing list