[pypy-dev] Validate SSL/TLS
Alex Gaynor
alex.gaynor at gmail.com
Thu Jan 23 16:18:49 CET 2014
Yeah, I think writing the patch for the backport (off by default... for
now) is a good next step. If you send a PR or create a branch I can review
it.
Alex
On Thu, Jan 23, 2014 at 9:17 AM, Donald Stufft <donald at stufft.io> wrote:
> Apologies as I’ve just recently sub’d to pypy-dev so I don’t know it’s
> normal
> speed and such.
>
> Is there enough here that a patch to do (a) would be a reasonable next
> step?
>
> On Jan 22, 2014, at 12:45 PM, Donald Stufft <donald at stufft.io> wrote:
>
>
> On Jan 22, 2014, at 12:40 PM, Alex Gaynor <alex.gaynor at gmail.com> wrote:
>
> (a) is a no brainer to me, there's no backwards compatibility concerns
> here, right?
>
>
> Not with PyPy itself, it’d obviously be a difference from CPython itself
> (you’d need some sort of boolean toggle to turn it on and off that wouldn’t
> expect in CPython 2.7) but that could default to False and if someone
> doesn’t use it they’d get the same behavior as previous versions of PyPy
> and the same as CPython 2.7.
>
> Obviously if they did use it then their code would only run on PyPy.
>
>
> I'm +1 on (b) as well, but let's get (a) done first. I think we need to be
> being proactive in protecting our users, and the fact that CPython's core
> devs are playing fast and loose with security (particular on Py2) is no
> excuse.
>
> Alex
>
>
> On Wed, Jan 22, 2014 at 11:37 AM, Donald Stufft <donald at stufft.io> wrote:
>
>> Hey there!
>>
>> So I’d like SSL/TLS in Python to be better and at the prompting of Alex
>> I’m opening this thread to discuss the possibility of incorporating some of
>> these changes into PyPy.
>>
>> Basically it boils down to is PyPy willing to:
>>
>> a) Have SSL hostname validation back ported to it
>> b) Have that turned on by default
>>
>> -----------------
>> Donald Stufft
>> PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372
>> DCFA
>>
>>
>> _______________________________________________
>> pypy-dev mailing list
>> pypy-dev at python.org
>> https://mail.python.org/mailman/listinfo/pypy-dev
>>
>>
>
>
> --
> "I disapprove of what you say, but I will defend to the death your right
> to say it." -- Evelyn Beatrice Hall (summarizing Voltaire)
> "The people's good is the highest law." -- Cicero
> GPG Key fingerprint: 125F 5C67 DFE9 4084
>
>
>
> -----------------
> Donald Stufft
> PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372
> DCFA
>
>
>
> -----------------
> Donald Stufft
> PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372
> DCFA
>
>
--
"I disapprove of what you say, but I will defend to the death your right to
say it." -- Evelyn Beatrice Hall (summarizing Voltaire)
"The people's good is the highest law." -- Cicero
GPG Key fingerprint: 125F 5C67 DFE9 4084
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/pypy-dev/attachments/20140123/1a360540/attachment.html>
More information about the pypy-dev
mailing list