23 Mar
2014
23 Mar
'14
1:57 a.m.
They detect for ssl to have the SSLContext and use it if it's available.
On Mar 22, 2014, at 7:54 PM, Paul Moore
wrote: On 22 March 2014 23:49, Donald Stufft
wrote: In the case of requests they already have an optional dependency on pyopenssl. It's just many people either don't know they should use it, are unable to use it, or unwilling to use the python packaging tool chain because of its current flaws. Do they use the new features in the Python 3.x ssl module when it's available to give the same level of security as having pyopenssl would, or do they use a "lowest common denominator" (i.e., 2.x compatible) level of security when using the stdlib? If the latter, that would be very, very sad.
Paul