On 2016-03-03 08:45, Nick Coghlan wrote:
On 2 March 2016 at 11:01, Larry Hastings larry@hastings.org wrote:
It's that time once again: time to start planning for the 2016 Python Language Summit!
Huzzah, thanks for organising this again!
I've forwarded the email to a few folks to suggest they submit presentation proposals, but I also have a question for everyone else: would folks be interested in a summary of the SSL/TLS handling developments over the past couple of years and open issues (aka "things that are still hard that we would prefer were simpler") we could potentially help with in core dev?
Thanks! TLS/SSL is already covered. :) I have invited Cory Benfield (python-requests, urllib3, hyper). Cory and I are co-chairing a presentation about the future of TLS/SSL in Python core and Python ecosystem together. Let's hope 20 minutes are enough.
I have also proposed a short recap of Python Security, PSRT and Coverity Scan activity in the past year. I also like to address communications of security fixes. From the bug tracker it is not immediately visible, which Python releases contains a fix. The changelog doesn't highlight security fixes, too. This allowed one nasty bug to fly under the radar and caused a downstream $VENDOR to not backport a fix. I'd like to have security issues marked in the changelog, e.g. with "[S]" or "[SECURITY]" prefix/suffix.
Christian