On Jan 10, 2017, at 15:07, Ronald Oussoren <
ronaldoussoren@mac.com> wrote:
On 10 Jan 2017, at 21:02, Donald Stufft <donald@stufft.io> wrote:
On Jan 10, 2017, at 3:01 PM, Ronald Oussoren <ronaldoussoren@mac.com> wrote:
On 10 Jan 2017, at 14:24, Donald Stufft <donald@stufft.io> wrote:
[…] Past that, macOS is going to be the
largest casualty since their system Python does not support TLSv1.2 yet in any
version of their OS.
Not just the system Python on OSX, this also affects all Python.org installers for OSX except 3.6. The 3.6 installer is the first one that doesn’t use the system installation of OpenSSL.
That's not quite accurate. The 32-bit-only macOS
python.org installers for recent 2.7.x and 3.x releases are also linked with a private current set of OpenSSL libraries. For 3.6, we no longer supply the 32-bit-only installer and the 64-bit/32-bit installer is now linked with the private OpenSSL as you note.
Annoyingly with OpenSSL on OSX you have to options: either use an up-to-date release or have OpenSSL use the system CA trust store, but not both. Sigh…
It would be nice if someone would do the work to figure out whether it is feasible to use Apple's own Crypto and TLS API's as apparently libcurl does.