[Distutils] Announcement: TLSv1.2 will become mandatory in the future

Nick Coghlan ncoghlan at gmail.com
Tue Jan 10 22:59:43 EST 2017


On 10 January 2017 at 23:24, Donald Stufft <donald at stufft.io> wrote:
> Looking at the download numbers, the absolute largest driver of TLSv1.0 and
> TLSv1.1 traffic to PyPI are old versions of pip or other clients where I
> cannot tell the OS that they are being run on.

Can you tell the Python version they're running even with older clients?

I just checked the exact dates/versions where TLS v1.2 was properly
enabled in the various versions of Python that Red Hat ships, and this
change should be fine for:

* RHEL/CentOS 7.2+ (PEP 466 backport released November 2015)
* Red Hat Software Collections 2.2+ (PEP 466 backport released May 2016)

However, folks currently using the system Python 2.6 installation in
RHEL/CentOS 6 are going to need to upgrade to Python 2.7 somehow,
whether that's by:

- upgrading to RHEL/CentOS 7
- doing a parallel install via RHSCL/softwarecollections.org
- doing a parallel install via ius.io

(The problem with RHEL 6 is that even though the *OS* has supported
TLS v1.2 since RHEL 6.5, *Python 2.6* doesn't properly support
accessing them through the standard library's SSL module, since it's
missing the features backported from 3.x by PEP 466)

Cheers,
Nick.

-- 
Nick Coghlan   |   ncoghlan at gmail.com   |   Brisbane, Australia
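
An added example, not part of the message above or of any project it mentions: a check an administrator could run under each interpreter to see whether its `ssl` module exposes the features PEP 466 backported, which is the gap described for Python 2.6 on RHEL/CentOS 6. The function name, the attribute list chosen and the two sample modules are assumptions made for illustration; the samples are constructed, not captured from real systems.

```python
import ssl
from types import SimpleNamespace

# Attributes the PEP 466 backport added to the 2.7 ssl module (all exist in 3.4+).
PEP466_ATTRS = ("SSLContext", "create_default_context", "PROTOCOL_TLSv1_2", "HAS_SNI")
MIN_OPENSSL = (1, 0, 1)  # first OpenSSL release series that implements TLS v1.2


def tls12_report(ssl_mod=ssl):
    """Return (ok, reasons): can this ssl module be used to speak TLS v1.2?"""
    reasons = []
    missing = [name for name in PEP466_ATTRS if not hasattr(ssl_mod, name)]
    if missing:
        reasons.append("ssl module lacks: " + ", ".join(missing))
    # OPENSSL_VERSION_INFO only exists from Python 2.7 on, so it is checked
    # when present and skipped otherwise.
    ver = getattr(ssl_mod, "OPENSSL_VERSION_INFO", None)
    if ver is not None and tuple(ver[:3]) < MIN_OPENSSL:
        reasons.append("linked OpenSSL %d.%d.%d predates 1.0.1" % tuple(ver[:3]))
    return (not reasons, reasons)


# Constructed sample: the shape of a pre-PEP 466 ssl module (Python 2.6 style).
# The OS library may support TLS v1.2, but nothing here lets Python ask for it.
SAMPLE_PY26 = SimpleNamespace(PROTOCOL_SSLv23=2, PROTOCOL_TLSv1=3)

# Constructed sample: a Python 2.7 ssl module carrying the PEP 466 backport.
SAMPLE_PY27_PEP466 = SimpleNamespace(
    SSLContext=object,
    create_default_context=lambda: None,
    PROTOCOL_SSLv23=2,
    PROTOCOL_TLSv1_2=5,
    HAS_SNI=True,
    OPENSSL_VERSION_INFO=(1, 0, 1, 5, 15),
)

if __name__ == "__main__":
    for label, mod in (("running interpreter", ssl),
                       ("sample 2.6-style module", SAMPLE_PY26),
                       ("sample PEP 466 module", SAMPLE_PY27_PEP466)):
        ok, reasons = tls12_report(mod)
        print("%s: %s" % (label, "TLS v1.2 capable" if ok else "; ".join(reasons)))
```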

