[Python-Dev] PEP 466: Proposed policy change for handling network security enhancements
Guido van Rossum
guido at python.org
Sun Mar 23 02:37:24 CET 2014
I'm a bit under the weather and I'm not sure what to think of this yet.
With that provision, and trying to be brief:
I agree that there are security concerns about Python 2.7 that can't be
addressed by recommending Python 3.4 instead. I also agree that the ban on
new features in old releases can be stifling. But I also worry about
breaking working code.
I am a bit worried that writing a PEP (at least this specific PEP) would
become less about arguing for a specific technical (or even political)
idea, and more about putting "weasel words" in an official document so that
it can be used to justify future actions without due process.
I wonder whether there is a specific narrower proposal (e.g. add SSLContext
to Python 2.7.7?) that would make the discussion more concrete.
--
--Guido van Rossum (python.org/~guido)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20140322/fbd2c12a/attachment.html>
More information about the Python-Dev
mailing list