PEP 493: Redistributor guidance for Python 2.7 HTTPS
Hi folks, As previously discussed on python-ideas, Red Hat has been looking at ways to provide a smoother migration path for system administrators to get to a point where system Python installations are verifying HTTPS by default. While we're not proposing that these changes be implemented upstream (given that the change in default behaviour was already implemented for 2.7.9), we *would* like to pursue an explicit upstream recommendation regarding how deviations from the upstream behaviour should be handled. Otherwise we run the risk of different redistributors pursuing mutually incompatible approaches to the migration, which would be a rather unfortunate outcome. The proposal in PEP 493 offers two recommendations: * one option that leaves the default behaviour alone, but provides an easy environment variable based way to revert to the legacy behaviour on a per-application basis (based on a design suggested by MAL) * a second option designed for backporting the changes to versions that advertise themselves as older than 2.7.9 that permits opting in to the new behaviour on a system wide basis (based on a design suggested by Robert Kuska) The main change from the last version discussed on python-ideas is that in both cases there's now a required attribute that redistributors are expected to add to the SSL module to signal the presence of the feature (and to provide some useful information about its implementation). I think this is mature enough now for me to request pronouncement (if Guido's interested in doing that himself), or volunteers to be BDFL-Delegate (if Guido's would prefer someone else handle it). Regards, Nick. ====================== PEP: 493 Title: HTTPS verification recommendations for Python 2.7 redistributors Version: $Revision$ Last-Modified: $Date$ Author: Nick Coghlan <ncoghlan@gmail.com>, Robert Kuska <rkuska@redhat.com>, Marc-André Lemburg <mal@lemburg.com> Status: Draft Type: Informational Content-Type: text/x-rst Created: 10-May-2015 Post-History: 06-Jul-2015 Abstract ======== PEP 476 updated Python's default handling of HTTPS certificates to be appropriate for communication over the public internet. The Python 2.7 long term maintenance series was judged to be in scope for this change, with the new behaviour introduced in the Python 2.7.9 maintenance release. This PEP provides recommendations to downstream redistributors wishing to provide a smoother migration experience when helping their users to manage this change in Python's default behaviour. *Note that this PEP is not currently accepted, so it is a *proposed* recommendation, rather than an active one.* Rationale ========= PEP 476 changed Python's default behaviour to better match the needs and expectations of developers operating over the public internet, a category which appears to include most new Python developers. It is the position of the authors of this PEP that this was a correct decision. However, it is also the case that this change *does* cause problems for infrastructure administrators operating private intranets that rely on self-signed certificates, or otherwise encounter problems with the new default certificate verification settings. The long term answer for such environments is to update their internal certificate management to at least match the standards set by the public internet, but in the meantime, it is desirable to offer these administrators a way to continue receiving maintenance updates to the Python 2.7 series, without having to gate that on upgrades to their certificate management infrastructure. PEP 476 did attempt to address this question, by covering how to revert the new settings process wide by monkeypatching the ``ssl`` module to restore the old behaviour. Unfortunately, the ``sitecustomize.py`` based technique proposed to allow system administrators to disable the feature by default in their Standard Operating Environment definition has been determined to be insufficient in at least some cases. The specific case of interest to the authors of this PEP is the one where a Linux distributor aims to provide their users with a `smoother migration path <https://bugzilla.redhat.com/show_bug.cgi?id=1173041>`__ than the standard one provided by consuming upstream CPython 2.7 releases directly, but other potential challenges have also been pointed out with updating embedded Python runtimes and other user level installations of Python. Rather than allowing a plethora of mutually incompatibile migration techniques to bloom, this PEP proposes two alternative approaches that redistributors may take when addressing these problems. Redistributors may choose to implement one, both, or neither of these approaches based on their assessment of the needs of their particular userbase. These designs are being proposed as a recommendation for redistributors, rather than as new upstream features, as they are needed purely to support legacy environments migrating from older versions of Python 2.7. Neither approach is being proposed as an upstream Python 2.7 feature, nor as a feature in any version of Python 3 (whether published directly by the Python Software Foundation or by a redistributor). Requirements for capability detection ===================================== As these recommendations are intended to cover backports to earlier Python versions, the Python version number cannot be used as a reliable means for detecting them. Instead, the recommendations are defined to allow the presence or absence of the feature to be determined using the following technique:: python -c "import ssl; ssl._relevant_attribute" This will fail with `AttributeError` (and hence a non-zero return code) if the relevant capability is not available. The marker attributes are prefixed with an underscore to indicate the implementation dependent nature of these capabilities - not all Python distributions will offer them, only those that are providing a multi-stage migration process from the legacy HTTPS handling to the new default behaviour. Recommendation for an environment variable based security downgrade =================================================================== Some redistributors may wish to provide a per-application option to disable certificate verification in selected applications that run on or embed CPython without needing to modify the application itself. In these cases, a configuration mechanism is needed that provides: * an opt-out model that allows certificate verification to be selectively turned off for particular applications after upgrading to a version of Python that verifies certificates by default * the ability for all users to configure this setting on a per-application basis, rather than on a per-system, or per-Python-installation basis This approach may be used for any redistributor provided version of Python 2.7, including those that advertise themselves as providing Python 2.7.9 or later. Required marker attribute ------------------------- The required marker attribute on the ``ssl`` module when implementing this recommendation is:: _https_verify_envvar = 'PYTHONHTTPSVERIFY' This not only makes it straightforward to detect the presence (or absence) of the capability, it also makes it possible to programmatically determine the relevant environment variable name. Recommended modifications to the Python standard library -------------------------------------------------------- The recommended approach to providing a per-application configuration setting for HTTPS certificate verification that doesn't require modifications to the application itself is to: * modify the ``ssl`` module to read the ``PYTHONHTTPSVERIFY`` environment variable when the module is first imported into a Python process * set the ``ssl._create_default_https_context`` function to be an alias for ``ssl._create_unverified_context`` if this environment variable is present and set to ``'0'`` * otherwise, set the ``ssl._create_default_https_context`` function to be an alias for ``ssl.create_default_context`` as usual Example implementation ---------------------- :: _https_verify_envvar = 'PYTHONHTTPSVERIFY' def _get_https_context_factory(): config_setting = os.environ.get(_https_verify_envvar) if config_setting == '0': return _create_unverified_context return create_default_context _create_default_https_context = _get_https_context_factory() Security Considerations ----------------------- Relative to an unmodified version of CPython 2.7.9 or later, this approach does introduce a new downgrade attack against the default security settings that potentially allows a sufficiently determined attacker to revert Python to the vulnerable configuration used in CPython 2.7.8 and earlier releases. However, such an attack requires the ability to modify the execution environment of a Python process prior to the import of the ``ssl`` module, and any attacker with such access would already be able to modify the behaviour of the underlying OpenSSL implementation. Recommendation for backporting to earlier Python versions ========================================================= Some redistributors, most notably Linux distributions, may choose to backport the PEP 476 HTTPS verification changes to modified Python versions based on earlier Python 2 maintenance releases. In these cases, a configuration mechanism is needed that provides: * an opt-in model that allows the decision to enable HTTPS certificate verification to be made independently of the decision to upgrade to the Python version where the feature was first backported * the ability for system administrators to set the default behaviour of Python applications and scripts run directly in the system Python installation * the ability for the redistributor to consider changing the default behaviour of *new* installations at some point in the future without impacting existing installations that have been explicitly configured to skip verifying HTTPS certificates by default This approach should not be used for any Python installation that advertises itself as providing Python 2.7.9 or later, as most Python users will have the reasonable expectation that all such environments will validate HTTPS certificates by default. Required marker attribute ------------------------- The required marker attribute on the ``ssl`` module when implementing this recommendation is:: _cert_verification_config = '<path to configuration file>' This not only makes it straightforward to detect the presence (or absence) of the capability, it also makes it possible to programmatically determine the relevant configuration file name. Recommended modifications to the Python standard library -------------------------------------------------------- The recommended approach to backporting the PEP 476 modifications to an earlier point release is to implement the following changes relative to the default PEP 476 behaviour implemented in Python 2.7.9+: * modify the ``ssl`` module to read a system wide configuration file when the module is first imported into a Python process * define a platform default behaviour (either verifying or not verifying HTTPS certificates) to be used if this configuration file is not present * support selection between the following three modes of operation: * ensure HTTPS certificate verification is enabled * ensure HTTPS certificate verification is disabled * delegate the decision to the redistributor providing this Python version * set the ``ssl._create_default_https_context`` function to be an alias for either ``ssl.create_default_context`` or ``ssl._create_unverified_context`` based on the given configuration setting. Recommended file location ------------------------- This approach is currently only defined for \*nix system Python installations. The recommended configuration file name is ``/etc/python/cert-verification.cfg``. The ``.cfg`` filename extension is recommended for consistency with the ``pyvenv.cfg`` used by the ``venv`` module in Python 3's standard library. Recommended file format ----------------------- The configuration file should use a ConfigParser ini-style format with a single section named ``[https]`` containing one required setting ``verify``. Permitted values for ``verify`` are: * ``enable``: ensure HTTPS certificate verification is enabled by default * ``disable``: ensure HTTPS certificate verification is disabled by default * ``platform_default``: delegate the decision to the redistributor providing this particular Python version If the ``[https]`` section or the ``verify`` setting are missing, or if the ``verify`` setting is set to an unknown value, it should be treated as if the configuration file is not present. Example implementation ---------------------- :: _cert_verification_config = '/etc/python/cert-verification.cfg' def _get_https_context_factory(): # Check for a system-wide override of the default behaviour context_factories = { 'enable': create_default_context, 'disable': _create_unverified_context, 'platform_default': _create_unverified_context, # For now :) } import ConfigParser config = ConfigParser.RawConfigParser() config.read(_cert_verification_config) try: verify_mode = config.get('https', 'verify') except (ConfigParser.NoSectionError, ConfigParser.NoOptionError): verify_mode = 'platform_default' default_factory = context_factories.get('platform_default') return context_factories.get(verify_mode, default_factory) _create_default_https_context = _get_https_context_factory() Security Considerations ----------------------- The specific recommendations for the backporting case are designed to work for privileged, security sensitive processes, even those being run in the following locked down configuration: * run from a locked down administrator controlled directory rather than a normal user directory (preventing ``sys.path[0]`` based privilege escalation attacks) * run using the ``-E`` switch (preventing ``PYTHON*`` environment variable based privilege escalation attacks) * run using the ``-s`` switch (preventing user site directory based privilege escalation attacks) * run using the ``-S`` switch (preventing ``sitecustomize`` based privilege escalation attacks) The intent is that the *only* reason HTTPS verification should be getting turned off system wide when using this approach is because: * an end user is running a redistributor provided version of CPython rather than running upstream CPython directly * that redistributor has decided to provide a smoother migration path to verifying HTTPS certificates by default than that being provided by the upstream project * either the redistributor or the local infrastructure administrator has determined that it is appropriate to override the default upstream behaviour (at least for the time being) Using an administrator controlled configuration file rather than an environment variable has the essential feature of providing a smoother migration path, even for applications being run with the ``-E`` switch. Combining the recommendations ============================= If a redistributor chooses to implement both recommendations, then the environment variable should take precedence over the system-wide configuration setting. This allows the setting to be changed for a given user, virtual environment or application, regardless of the system-wide default behaviour. In this case, if the ``PYTHONHTTPSVERIFY`` environment variable is defined, and set to anything *other* than ``'0'``, then HTTPS certificate verification should be enabled. Example implementation ---------------------- :: _https_verify_envvar = 'PYTHONHTTPSVERIFY' _cert_verification_config = '/etc/python/cert-verification.cfg' def _get_https_context_factory(): # Check for am environmental override of the default behaviour config_setting = os.environ.get(_https_verify_envvar) if config_setting is not None: if config_setting == '0': return _create_unverified_context return create_default_context # Check for a system-wide override of the default behaviour context_factories = { 'enable': create_default_context, 'disable': _create_unverified_context, 'platform_default': _create_unverified_context, # For now :) } import ConfigParser config = ConfigParser.RawConfigParser() config.read(_cert_verification_config) try: verify_mode = config.get('https', 'verify') except (ConfigParser.NoSectionError, ConfigParser.NoOptionError): verify_mode = 'platform_default' default_factory = context_factories.get('platform_default') return context_factories.get(verify_mode, default_factory) _create_default_https_context = _get_https_context_factory() Copyright ========= This document has been placed into the public domain. -- Nick Coghlan | ncoghlan@gmail.com | Brisbane, Australia
On Mon, 6 Jul 2015 14:22:46 +1000 Nick Coghlan <ncoghlan@gmail.com> wrote:
The main change from the last version discussed on python-ideas
Was it discussed there? That list has become totally useless, I've stopped following it.
* modify the ``ssl`` module to read the ``PYTHONHTTPSVERIFY`` environment variable when the module is first imported into a Python process
Have you passed that by RedHat's security experts? Regards Antoine.
On 6 Jul 2015 20:23, "Antoine Pitrou" <solipsis@pitrou.net> wrote:
On Mon, 6 Jul 2015 14:22:46 +1000 Nick Coghlan <ncoghlan@gmail.com> wrote:
The main change from the last version discussed on python-ideas
Was it discussed there? That list has become totally useless, I've stopped following it.
* modify the ``ssl`` module to read the ``PYTHONHTTPSVERIFY``
environment
variable when the module is first imported into a Python process
Have you passed that by RedHat's security experts?
Yeah, they were the ones that finally persuaded me that this design was reasonable. If I understood their explanation correctly, the gist is that if you're running with elevated permissions while allowing arbitrary processes to set environment variables, you've already opened up so many attack vectors that the only reasonable defence is "don't do that", and hence higher level design decisions like sudo running in root's environment, not the individual user's. Since having the selective downgrade option available makes it easier to justify the default security *up*grade, it works out as a net win. However, I did just realise there's a bug in the current definition of that feature - it should respect the "ignore environment" flag, but it's currently specified as being unconditional. Cheers, Nick.
Regards
Antoine.
_______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe:
https://mail.python.org/mailman/options/python-dev/ncoghlan%40gmail.com
On Mon, 6 Jul 2015 23:22:09 +1000 Nick Coghlan <ncoghlan@gmail.com> wrote:
On 6 Jul 2015 20:23, "Antoine Pitrou" <solipsis@pitrou.net> wrote:
On Mon, 6 Jul 2015 14:22:46 +1000 Nick Coghlan <ncoghlan@gmail.com> wrote:
The main change from the last version discussed on python-ideas
Was it discussed there? That list has become totally useless, I've stopped following it.
* modify the ``ssl`` module to read the ``PYTHONHTTPSVERIFY``
environment
variable when the module is first imported into a Python process
Have you passed that by RedHat's security experts?
Yeah, they were the ones that finally persuaded me that this design was reasonable. If I understood their explanation correctly, the gist is that if you're running with elevated permissions while allowing arbitrary processes to set environment variables, you've already opened up so many attack vectors that the only reasonable defence is "don't do that", and hence higher level design decisions like sudo running in root's environment, not the individual user's. Since having the selective downgrade option available makes it easier to justify the default security *up*grade, it works out as a net win.
Thank you. Then I'm ok with the PEP. Regards Antoine.
On Mon, Jul 6, 2015 at 6:21 AM, Antoine Pitrou <solipsis@pitrou.net> wrote:
On Mon, 6 Jul 2015 14:22:46 +1000 Nick Coghlan <ncoghlan@gmail.com> wrote:
The main change from the last version discussed on python-ideas
Was it discussed there? That list has become totally useless, I've stopped following it.
Considering that a useful discussion of a useful PEP occurred there (not to mention other occasionally useful discussions) I'd say that such a value judgment is not only unnecessary but also inaccurate. That's fine if it's uninteresting to you and you don't want to follow it, but let's please avoid judgments on entire mailing lists and, by extension, the people holding conversations there. Thanks, Erik
Cross-posted to redirect discussion. Replies directed to Python-Ideas. Erik Bray writes on Python-Dev:
On Mon, Jul 6, 2015 at 6:21 AM, Antoine Pitrou <solipsis@pitrou.net> wrote:
On Mon, 6 Jul 2015 14:22:46 +1000, Nick Coghlan <ncoghlan@gmail.com> wrote:
The main change from the last version discussed on python-ideas
Was it discussed there? That list has become totally useless, I've stopped following it.
Considering that a useful discussion of a useful PEP occurred there (not to mention other occasionally useful discussions) I'd say that such a value judgment is not only unnecessary but also inaccurate.
As you point out, the words "totally" and "useless" were unnecessary and inaccurate respectively. However, the gist of his post, that the S/N on Python-Ideas has become substantially lower in the last few months, seems accurate to me. At least two recent threads could have been continued on Python-List, where they would have benefited a lot more users, and they didn't seem profitable on Python-Ideas since it was quite evident that Those Who Know About Python were adamantly opposed to the idea as discussed in the thread, while the proponent kept pushing on that brick wall rather than seeking a way around it. I myself continue to follow Python-Ideas, Nick and other committers are posting here daily, and even Guido manages to pop up occasionally, so that may be no problem (or even a good thing if it results in educating and inviting new committers in the long run). But I think it's worth considering whether it we should cultivate a bit more discipline here. Again, discussion on Python-Ideas, please.
On 07/07/2015 03:10, Stephen J. Turnbull wrote:
Cross-posted to redirect discussion. Replies directed to Python-Ideas.
Erik Bray writes on Python-Dev:
On Mon, Jul 6, 2015 at 6:21 AM, Antoine Pitrou <solipsis@pitrou.net> wrote:
On Mon, 6 Jul 2015 14:22:46 +1000, Nick Coghlan <ncoghlan@gmail.com> wrote:
The main change from the last version discussed on python-ideas
Was it discussed there? That list has become totally useless, I've stopped following it.
Considering that a useful discussion of a useful PEP occurred there (not to mention other occasionally useful discussions) I'd say that such a value judgment is not only unnecessary but also inaccurate.
As you point out, the words "totally" and "useless" were unnecessary and inaccurate respectively.
However, the gist of his post, that the S/N on Python-Ideas has become substantially lower in the last few months, seems accurate to me. At least two recent threads could have been continued on Python-List, where they would have benefited a lot more users, and they didn't seem profitable on Python-Ideas since it was quite evident that Those Who Know About Python were adamantly opposed to the idea as discussed in the thread, while the proponent kept pushing on that brick wall rather than seeking a way around it.
I myself continue to follow Python-Ideas, Nick and other committers are posting here daily, and even Guido manages to pop up occasionally, so that may be no problem (or even a good thing if it results in educating and inviting new committers in the long run). But I think it's worth considering whether it we should cultivate a bit more discipline here.
Again, discussion on Python-Ideas, please.
From https://mail.python.org/mailman/listinfo/python-ideas <quote> This list is to contain discussion of speculative language ideas for Python for possible inclusion into the language. If an idea gains traction it can then be discussed and honed to the point of becoming a solid proposal to put to python-dev as appropriate. </quote> Relative to the above I believe that far too many proposals are for trivial ideas, mainly targetted at the stdlib, that would be better suited to the main python list. As for gaining traction, it's often the complete opposite, flogging a dead horse is an understatement for some threads. Gently putting the OP down with a firm but polite "it ain't gonna happen" would save a lot of time all around. Just my £0.02p worth. -- My fellow Pythonistas, ask not what our language can do for you, ask what you can do for our language. Mark Lawrence
Erik Bray <erik.m.bray@gmail.com> wrote: > On Mon, Jul 6, 2015 at 6:21 AM, Antoine Pitrou <solipsis@pitrou.net> wrote: >> On Mon, 6 Jul 2015 14:22:46 +1000 >> Nick Coghlan <ncoghlan@gmail.com> wrote: >>> >>> The main change from the last version discussed on python-ideas >> >> Was it discussed there? That list has become totally useless, I've >> stopped following it. > Considering that a useful discussion of a useful PEP occurred there > (not to mention other occasionally useful discussions) I'd say that > such a value judgment is not only unnecessary but also inaccurate. > That's fine if it's uninteresting to you and you don't want to follow > it, but let's please avoid judgments on entire mailing lists and, by > extension, the people holding conversations there. In an informal setting, exaggeration is used widely in continental Europe. I found the remark funny and was glad to hear that I'm not the only one who has problems with python-ideas. Stefan Krah
On Tue, Jul 7, 2015 at 11:24 AM, Mark Lawrence <breamoreboy@yahoo.co.uk> wrote:
From https://mail.python.org/mailman/listinfo/python-ideas
<quote> This list is to contain discussion of speculative language ideas for Python for possible inclusion into the language. If an idea gains traction it can then be discussed and honed to the point of becoming a solid proposal to put to python-dev as appropriate. </quote>
Relative to the above I believe that far too many proposals are for trivial ideas, mainly targetted at the stdlib, that would be better suited to the main python list.
As for gaining traction, it's often the complete opposite, flogging a dead horse is an understatement for some threads. Gently putting the OP down with a firm but polite "it ain't gonna happen" would save a lot of time all around.
Just my £0.02p worth.
Agreed. It's also probably easier to just ignore an obviously bad or poorly thought-out idea than to try to engage the OP in lengthy explanations of why that is so. After all there's a huge amount of subjectivity -- we won't change our minds, but it takes forever to explain to someone who's new to Python core development. -- --Guido van Rossum (python.org/~guido)
On 7 July 2015 at 21:49, s.krah <stefan@bytereef.org> wrote:
Erik Bray <erik.m.bray@gmail.com> wrote:
On Mon, Jul 6, 2015 at 6:21 AM, Antoine Pitrou <solipsis@pitrou.net> wrote:
On Mon, 6 Jul 2015 14:22:46 +1000 Nick Coghlan <ncoghlan@gmail.com> wrote:
The main change from the last version discussed on python-ideas
Was it discussed there? That list has become totally useless, I've stopped following it.
Considering that a useful discussion of a useful PEP occurred there (not to mention other occasionally useful discussions) I'd say that such a value judgment is not only unnecessary but also inaccurate. That's fine if it's uninteresting to you and you don't want to follow it, but let's please avoid judgments on entire mailing lists and, by extension, the people holding conversations there.
In an informal setting, exaggeration is used widely in continental Europe. I found the remark funny and was glad to hear that I'm not the only one who has problems with python-ideas.
Folks are free to make all the jokes they want about python-ideas over drinks at a conference, or when bouncing their heads off their desks at how far off the rails a particular thread has gone - we wouldn't be human if we didn't need to vent our frustrations sometimes. That doesn't make it OK to vent those frustrations *here*. Here, python-ideas needs to be accepted as a useful component of the development process - it's the location where more freewheeling "this *might* be a good idea" design discussions can happen with input from experienced core developers and other community members without bothering the folks that aren't interested in those kinds of conversations, before python-dev and the issue tracker come into play to provide more ruthless weeding out of the bad ideas. An awful lot of what we discuss on python-ideas will turn out to be a bad idea, just be sheer weight of probability. However, even weeding out the bad ideas is a useful exercise in refining our collective understanding of what "good" looks like (I know I've learned a *lot* from the many occasions where Guido or someone else has persuaded me that one of my ideas wasn't as good as I originally thought it was). It's OK if folks aren't interested in participating in the noisy early stages of that process - that's why the activity was long since moved out to a dedicated list. It's not OK to make the jump from "I don't consider participating in that to be the best possible use of my own time" to "it isn't worth doing". Regards, Nick. -- Nick Coghlan | ncoghlan@gmail.com | Brisbane, Australia
On Wed, 8 Jul 2015 00:10:09 +1000 Nick Coghlan <ncoghlan@gmail.com> wrote:
It's OK if folks aren't interested in participating in the noisy early stages of that process - that's why the activity was long since moved out to a dedicated list. It's not OK to make the jump from "I don't consider participating in that to be the best possible use of my own time" to "it isn't worth doing".
Ok. As Stefan points out, exageration is a common rhetoric device - for the better or (mostly perhaps :-)) for the worse. Sorry if that *actually* offended some people. In this case, though, I was a bit miffed since I didn't notice that PEP appearing on python-ideas (or perhaps I already forget discussing it?), which made me frustrated that *perhaps* with less pointless drifting I would have seen it. Being one of the principal maintainers of the ssl module I was definitely interested on giving my opinion. Whether the time required to properly follow python-ideas is a productive involvement for the average core dev is another question. The problem I see with python-ideas is that it may select on free time more than on actual, concrete contribution... (note that python-list has a similar problem with some of its old-timers and regular ranters; the difference is that python-list has a ready alternative in StackOverflow, with perhaps higher-quality answers... it's less and less relevant in the grand scheme of things) Regards Antoine.
Nick Coghlan <ncoghlan@gmail.com> wrote: > It's OK if folks aren't interested in participating in the noisy early > stages of that process - that's why the activity was long since moved > out to a dedicated list. It's not OK to make the jump from "I don't > consider participating in that to be the best possible use of my own > time" to "it isn't worth doing". Well yes, to me it was an exaggeration which a German or French person would interpret as "not the best possible use of one's time". ;) Leaving phrasing and timing aside (Antoine has already explained himself), how are people who don't go to Pycons supposed to know the opinion of other core-devs if no one ever voices a complaint on a mailing list? Stefan Krah
On 07/07/2015 15:42, Antoine Pitrou wrote:
Whether the time required to properly follow python-ideas is a productive involvement for the average core dev is another question. The problem I see with python-ideas is that it may select on free time more than on actual, concrete contribution...
(note that python-list has a similar problem with some of its old-timers and regular ranters; the difference is that python-list has a ready alternative in StackOverflow, with perhaps higher-quality answers... it's less and less relevant in the grand scheme of things)
I cannot see StackOverflow as a "ready alternative" to python-list as questions are strictly closed, nothing in the way of debate is allowed. I'd love to explain to some people what I think of their "perhaps higher-quality answers" but I don't have enough "reputation". Having said that I have to agree about python-list, there is very little of any substance on there nowadays. Perhaps that's because people are reading any of the 387 Python lists on gmane that are dedicated to their specific area of interest? -- My fellow Pythonistas, ask not what our language can do for you, ask what you can do for our language. Mark Lawrence
On 8 July 2015 at 00:42, Antoine Pitrou <solipsis@pitrou.net> wrote:
In this case, though, I was a bit miffed since I didn't notice that PEP appearing on python-ideas (or perhaps I already forget discussing it?), which made me frustrated that *perhaps* with less pointless drifting I would have seen it. Being one of the principal maintainers of the ssl module I was definitely interested on giving my opinion.
And it turns out that omission is entirely my fault - I *thought* I'd previously started a python-ideas thread, but instead we only filed a tracker issue, and I *didn't* add everyone handling ssl module maintenance to the nosy list for it. If I'd added a proper references section to the PEP I would have noticed there *wasn't* a previous thread on it and I was misremembering. My apologies for the confusion. I'll add a proper references section to the PEP (which will also call out the Red Hat CVE thread more clearly) in addition to fixing the example code to respect the "ignore_environment" flag. As Guido suggested, would you be willing to take on the BDFL-Delegate task for this? It definitely seems appropriate given the errors and omissions you've already found :) Cheers, Nick. -- Nick Coghlan | ncoghlan@gmail.com | Brisbane, Australia
On Thu, 9 Jul 2015 20:57:33 +1000 Nick Coghlan <ncoghlan@gmail.com> wrote:
As Guido suggested, would you be willing to take on the BDFL-Delegate task for this? It definitely seems appropriate given the errors and omissions you've already found :)
Fine. I'll take a look again and come up with questions, if I have any. Regards Antoine.
participants (7)
-
Antoine Pitrou -
Erik Bray -
Guido van Rossum -
Mark Lawrence -
Nick Coghlan -
s.krah -
Stephen J. Turnbull