[New-bugs-announce] [issue21013] server-specific SSL context configuration
Antoine Pitrou
report at bugs.python.org
Fri Mar 21 20:07:46 CET 2014
New submission from Antoine Pitrou:
Currently, create_default_context() doesn't do anything special for server use. It seems the configuration could be improved, though:
- PROTOCOL_TLSv1 is suboptimal for servers: a "TLSv1" server can't accept a TLSv1.2 client, but a "SSLv23" server will; so we should use PROTOCOL_SSLv23 (!)
- we could enable ECDH by calling SSLContext.set_ecdh_curve(<something>)
----------
components: Library (Lib)
messages: 214405
nosy: christian.heimes, dstufft, pitrou
priority: normal
severity: normal
status: open
title: server-specific SSL context configuration
type: enhancement
versions: Python 3.4, Python 3.5
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue21013>
_______________________________________
More information about the New-bugs-announce
mailing list