Thomas Grainger wrote:

It looks like there's a consensus being reached, should I create a bpo?

Perhaps first state what seems to be the consensus and invite further comments before going to bpo.

Disclaimer: I'd like to see both:

1. Something on PyPi to help persons who are using ssl on current Python.
2. Something in a future version of Python, that constrains attribute access.

We can do (1) first, and it will help inform (2).