[Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 (original) (raw)
Brett Cannon brett at python.org
Sat Jan 13 15:02:59 EST 2018
- Previous message (by thread): [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >= 2.5.3
- Next message (by thread): [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >= 2.5.3
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sat, Jan 13, 2018, 05:24 Antoine Pitrou, <solipsis at pitrou.net> wrote:
On Sat, 13 Jan 2018 13:54:33 +0100 Christian Heimes <christian at python.org> wrote: > > If we agree to drop support for OpenSSL 0.9.8 and 1.0.1, then I can land > bunch of useful goodies like proper hostname verification [2], proper > fix for IP address in SNI TLS header [3], PEP 543 compatible Certificate > and PrivateKey types (support loading certs and keys from file and > memory) [4], and simplified cipher suite configuration [5]. I can > finally clean up ssl.c during the beta phase, too.
Given the annoyance of supporting old OpenSSL versions, I'd say +1 to this.
+1 from me as well for the improved security.
-Brett
We'll have to deal with the complaints of users of Debian oldstable, CentOS 6 and RHEL 6, though.
Regards Antoine.
Python-Dev mailing list Python-Dev at python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/brett%40python.org -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20180113/c1744b66/attachment-0001.html>
- Previous message (by thread): [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >= 2.5.3
- Next message (by thread): [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >= 2.5.3
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]