For what it’s worth, I’d like to highlight the things that are extremely important to my area of the world (namely, securing HTTPS connections).

On 15 Aug 2016, at 18:12, Christian Heimes wrote:

Make ssl module compatible with OpenSSL 1.1.0 --------------------------------------------- http://bugs.python.org/issue26470 https://github.com/tiran/cpython/commits/feature/openssl110 https://github.com/tiran/cpython/commits/feature/openssl110_27

OpenSSL 1.1.0 changes several APIs, e.g. it makes structs opaque. The ticket has patches for 2.7 and 3.x series. It should be applied to all Python versions that are open for security patches.

This is extremely important. The 1.1 series of OpenSSL releases is going to be the only collection of OpenSSLs that get support for TLS 1.3, which contains several substantial security and resiliency enhancements. The fact that they’re dramatically changing their API, while annoying for backported Python releases, is not a good reason not to backport this. We should backport to 2.7 and the active 3.x releases for sure.

Add ChaCha20 Poly1305 to SSL ciphers ------------------------------------ http://bugs.python.org/issue27766 https://github.com/tiran/cpython/commits/feature/chacha20

The ticket changes the default cipher list and moves ChaCha20 Poly1305 up front. For now the patch makes only sense with OpenSSL 1.1.0 since 1.0.2 does not include the cipher. I expect to see backports, though. It should be applied to all Python versions, too.

There’s no reason not to backport this too. ChaCha20-Poly1305 is not currently a security enhancement over the state of the art in TLS (AES-GCM), but it has performance advantages on some platforms and, more importantly, provides us another good AEAD to move to if AES-GCM is broken in any form. Backporting this would also be advantageous, though not required for Requests or Twisted, which have already provided their equivalent patches.

ssl: add public API for IA-32 processor capabilities vector ----------------------------------------------------------- http://bugs.python.org/issue27768

This ticket doesn't have a patch yet. I'm going to move code from ticket 27766 to a separate ticket. Alex and Cory have requested to make the API public.

I noted above that ChaCha20-Poly1305 performs better on some platforms. Specifically, it performs better on platforms without the AES-NI extended instruction set. Ideally on platforms without those instructions we’d prioritise ChaCha20-Poly1305 over AES-GCM, but right now we cannot ask that question from Python code. This API would allow us to do so. It’s not urgent, and I don’t mind if we don’t backport it, but it’d be extremely useful to have access to the API (and, to be clear, Requests will almost certainly use the API if it’s available from Python code, *even* if it’s private). The rest are all good, but matter far less to the TLS crowd. =) Cory

Hi, thanks for the feedback. Since my last mail a couple of things have happened. Victor has reviewed my AF_ALG patch and I got some feedback on a new variant of setsockopt() on python-dev. The patch is almost ready. I have submitted updated patch for SHA-3 and BLAKE2 support. Both need a final review and ACK. OpenSSL 1.1 has been released and block ciphers with small blocks have been found insecure. This affects 3DES i our default cipher list. OpenSSL 1.1.0 has removed 3DES, which broke one test. I'm going to update my OpenSSL 1.1 patch soonish. I have two more security tickets in the queue. Please give feedback. Remove 3DES from cipher list (sweet32 CVE-2016-2183) ---------------------------------------------------- https://bugs.python.org/issue27850 Fix for https://sweet32.info/ ssl: get list of enabled ciphers -------------------------------- https://github.com/tiran/cpython/tree/feature/openssl_ciphers https://bugs.python.org/issue27866 Counter part of SSLContext.set_ciphers(), SSLContext.get_ciphers() returns list of dicts with enabled ciphers.