On Sat, Oct 27, 2001 at 09:43:58PM -0400, Christopher Petrilli wrote:
Guido van Rossum [guido@python.org] wrote:
I think that if OpenSSL is available, Python should build "out of the box" with SSL support. This is becomming more and more important with projects I'm working on, especially with SOAP and XML-RPC. This doesn't mean someone shouldn't be able to replace it, and we should always define an API, but... I think we need to work out of the box.
Good point. That's how the SSL support is configured now, and that's how it should continue to work.
Ok. I understand completely "outsourcing" SSL is not an option. So we either build a completely new SSL module or try to integrate an existing one.
Perhaps there is one of the existing modules (M2Crypto?) that can be integrated, assuming licensing issues can be resolved.
Yup. To save you time finding them all, I've summarized them and put up a page about them (cf. my other post).
[...] The initial goal in my mind would be to have transparent (or nearly so) SSL session management, [...]
I'm not sure I understand what you mean by transparent session management. Perhaps that one important feature would be that SSL objects be interface compatible with socket objects as much as possible? So ugly hacks like FakeSocket in httplib and SSLFakeSocket in smtplib are no longer necessary. And, btw. one complaint about socketmodule.c I've heard is that it doesn't have a C API, it might be necessary to expose some of it with the help of a header file. Gerhard -- mail: gerhard <at> bigfoot <dot> de registered Linux user #64239 web: http://www.cs.fhm.edu/~ifw00065/ OpenPGP public key id 86AB43C0 public key fingerprint: DEC1 1D02 5743 1159 CD20 A4B6 7B22 6575 86AB 43C0 reduce(lambda x,y:x+y,map(lambda x:chr(ord(x)^42),tuple('zS^BED\nX_FOY\x0b')))