On 26.06.2021 21:32, Ethan Furman wrote:
On 6/25/21 5:20 PM, Eric V. Smith wrote:
It seems like many of the suggestions are SSLContext specific. I don't think
we should be adding
__slots__ or otherwise redefining the interface to that object. Isn't this a
general "problem" in
In most cases I would agree with you, but in this case the object is security sensitive, and security should be much more rigorous in ensuring correctness.
Isn't this more an issue of API design rather than Python's flexibility when it comes to defining attributes ?
IMO, a security relevant API should not use direct attribute access for adjusting important parameters. Those should always be done using functions or method calls which apply extra sanity checks and highlight issues in form of exceptions.
And those are possible in Python without calling type checking, linters or other extra tools to the rescue.