[Python-Dev] PEP 466: Proposed policy change for handling network security enhancements
Antoine Pitrou
solipsis at pitrou.net
Sun Mar 23 16:34:40 CET 2014
On Sun, 23 Mar 2014 07:29:07 +0000
Cory Benfield <cory at lukasa.co.uk> wrote:
> On 23 March 2014 at 04:32:17, Terry Reedy (tjreedy at udel.edu(mailto:tjreedy at udel.edu)) wrote:
> > Instead, I think the PEP should propose a special series of server
> > enhancement releases that are based on the final 2.7 maintenance release
> > (2.7.8 or 2.7.9) but which have have a different application-specific
> > enhancement policy.
>
> This is an interesting idea. My biggest problem with it is that, at least
> with the ssl library, these aren’t server-only problems. If we suggest that
> they are, we end up in the same position we’re in right now (that is, hurting
> the internet).
>
> For example, Python 2.7’s ssl module lacks the OP_NO_COMPRESSION option for
> OpenSSL,
This is easy to change in a bugfix release, though. Someone just has to
open an issue and write a patch.
Regards
Antoine.
More information about the Python-Dev
mailing list