[issue38036] ssl docs say that ssl.SSLContext() is secure-by-default since 3.6, but it isn't
Christian Heimes
report at bugs.python.org
Thu Sep 5 04:01:10 EDT 2019
Christian Heimes <lists at cheimes.de> added the comment:
Indeed, the text is misleading. "secure default values" refers to SSLContext.options only (no compression, "good" TLS versions) and not to cert and host name verification.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue38036>
_______________________________________
More information about the Python-bugs-list
mailing list