[Python-Dev] Future of SSL
Guido van Rossum
guido@python.org
Fri, 26 Oct 2001 22:26:38 -0400
> What I'd suggest for Python 2.2 is to *not* add any new features, like
> server-side SSL but only accept bugfixes for the current client-side
> code.
Sounds good to me.
> As the current implementation is broken and there is probably little SSL
> knowledge in the Python core team, I propose to "outsource" the problem:
Thanks! We can sure use some help here.
> It should be possible to define a "Python SSL interface" that describes
> an API for SSL. The various modules in Python that use SSL (urllib,
> smtp, ...) would then be rewritten to use the new API. The
> socketmodule.c would be rewritten to use the new API instead.
I've just started digging in the socketmodule.c for a different
reason, and I propose to move all the SSL stuff to a separate file and
module.
> Then, wrappers could be written for the various SSL modules that wrap
> them into the new "Python SSL interface" API.
This is a good idea. The DB API works like this.
> As for me, I'm not an expert in SSL, but I'd be willing to try
> coordinate the efforts, write a PEP, talk with the module maintainers
> and such.
But we do need *an* expert, don't we? Maybe you can develop expertise
as you go?
> I'd be grateful to hear your opinions about this newbie proposal :-)
You don't sound much like a newbie. :-)
--Guido van Rossum (home page: http://www.python.org/~guido/)