On 10 January 2017 at 23:24, Donald Stufft <
donald@stufft.io> wrote:
Looking at the download numbers, the absolute largest driver of TLSv1.0 and
TLSv1.1 traffic to PyPI are old versions of pip or other clients where I
cannot
tell the OS that they are being run on.
Can you tell the Python version they're running even with older clients?
I just checked the exact dates/versions where TLS v1.2 was properly
enabled in the various versions of Python that Red Hat ships, and this
change should be fine for:
* RHEL/CentOS 7.2+ (PEP 466 backport released November 2015)
* Red Hat Software Collections 2.2+ (PEP 466 backport released May 2016)
However, folks currently using the system Python 2.6 installation in
RHEL/CentOS 6 are going to need to upgrade to Python 2.7 somehow,
whether that's by:
- upgrading to RHEL/CentOS 7
- doing a parallel install via RHSCL/
softwarecollections.org- doing a parallel install via
ius.io(The problem with RHEL 6 is that even though the *OS* has supported
TLS v1.2 since RHEL 6.5, *Python 2.6* doesn't properly support
accessing them through the standard library's SSL module, since it's
missing the features backported from 3.x by PEP 466)
Cheers,
Nick.
--
Nick Coghlan |
ncoghlan@gmail.com | Brisbane, Australia