[New-bugs-announce] [issue20913] Standard Library documentation needs SSL security best practices doc.

[R. David Murray]

New submission from R. David Murray:

It's great that Christian did all the work he did on the SSL module to enhance its security capabilities, and great that Antoine did the work he did before that.  Now we need an explanation of how best to use it all :)


It is not clear from the existing documentation how to best use the various standard library modules that support SSL in a "best practices" way.  Perhaps this could go in the SSL docs and be linked from all the library components that use it.  Alternatively we could perhaps have a general security overview chapter in the library reference, but we at least an SSL one.  The existing documentation in the SSL module, while it contains a lot of information about the available, doesn't make it clear what a programmer should actually *do*.  As one example, it is not clear when or even if an application programmer would call check_hostname.

----------
assignee: christian.heimes
messages: 213425
nosy: christian.heimes, haypo, pitrou, r.david.murray
priority: normal
severity: normal
status: open
title: Standard Library documentation needs SSL security best practices doc.

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue20913>
_______________________________________