[Python-Dev] RFC: Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7 (original) (raw)

Antoine Pitrou solipsis at pitrou.net
Thu Jun 1 06:01:31 EDT 2017

• Previous message (by thread): [Python-Dev] RFC: Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7
• Next message (by thread): [Python-Dev] RFC: Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 1 Jun 2017 19:50:22 +1000 Chris Angelico <rosuav at gmail.com> wrote:

On Thu, Jun 1, 2017 at 7:23 PM, Antoine Pitrou <antoine at python.org> wrote: >> Do you also disagree on the need of the need of the PEP 546 >> (backport) to make the PEP 543 (new TLS API) feasible in practice? > > Yes, I disagree. We needn't backport that new API to Python 2.7. > Perhaps it's time to be reasonable: Python 2.7 has been in bugfix-only > mode for a very long time. Python 3.6 is out. We should move on.

But it is in security fix mode for at least another three years (ish). Proper use of TLS certificates is a security question.

Why are you bringing "proper use of TLS certificates"? Python 2.7 doesn't need another backport for that. The certifi package is available for Python 2.7 and can be integrated simply with the existing ssl module.

Regards

Antoine.

• Previous message (by thread): [Python-Dev] RFC: Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7
• Next message (by thread): [Python-Dev] RFC: Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Python-Dev mailing list