[issue20995] Use Better Default Ciphers for the SSL Module
Antoine Pitrou
report at bugs.python.org
Fri Mar 21 00:40:30 CET 2014
Antoine Pitrou added the comment:
> The Python ssl module is used for servers and clients. Ideally servers will
> have prefer server ciphers on, but that doesn't always happen and providing
> a modern level of security for end users is preferable.
We should have specific defaults for servers in
create_default_context().
> The
> danger for breakage here is *tiny*, *miniscule*, almost non existent and the
> failure case is obvious and easy to fix.
Again: the point is maintenance later, not breakage now.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue20995>
_______________________________________
More information about the Python-bugs-list
mailing list