[Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 (original) (raw)
Wes Turner wes.turner at gmail.com
Tue Jan 16 10:12:52 EST 2018
- Previous message (by thread): [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >= 2.5.3
- Next message (by thread): [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >=2.5.3
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tuesday, January 16, 2018, Christian Heimes <christian at python.org> wrote:
On 2018-01-16 12:28, Wes Turner wrote: > > > On Tuesday, January 16, 2018, Steve Dower <steve.dower at python.org_ _> <mailto:steve.dower at python.org>> wrote: > > From my perspective, we can’t keep an OpenSSL-like API and use > Windows platform libraries (we could do a requests-like API easily > enough, but even urllib3 is painfully low-level).__ > > Support for Windows SChannel and Apple SecureTransport is part of the > TLS module. > > IDK how far along that work is (whether it'll be ready for 3.7 beta 1)? > Or where those volunteering to help with the TLS module can send PRs?
You are misunderstanding the goal of PEP 543. It's not about providing implementations of various backends. The PEP merely defines an minimal abstraction layer. Neither the PEP nor the API are finalized or complete yet, too Some parts of the PEP must be changed before it can be finalized. Cory and I are discussion the matter. Python 3.7's ssl module won't be compatible with PEP 543. For 3.8 it might be possible to provide a 543 compatible implementation on top of the ssl module.
Got it. Thanks!
I will not work on SChannel or SecureTransport, since I have neither expertise, knowledge, interest or resources to work on other implementations. AFAIK Steve would rather plug in Windows' cert validation API into OpenSSL than to provide another TLS implementation. For Apple ... no clue. How about you contact Apple support?
A HUP to their seclist about this work awhile back doesn't seem to have upgraded OpenSSL.
Presumably there's another mailing list thread or GitHub issue for PEP 543 interface and implementation development.
Regards, Christian
Python-Dev mailing list Python-Dev at python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/ wes.turner%40gmail.com -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20180116/ca314dc7/attachment.html>
- Previous message (by thread): [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >= 2.5.3
- Next message (by thread): [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / LibreSSL >=2.5.3
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]