[Python-Dev] PEP 466 (round 4): Python 2.7 network security enhancements
Alex Gaynor
alex.gaynor at gmail.com
Wed Mar 26 00:47:38 CET 2014
At this I think this PEP has become a little too vague and abstract, and I
think we'd probably be better served by getting more concrete:
Problem:
Some of Python 2's modules which are fundamentally necessary for interop with
the broader internet, and the security thereof, are missing really important
features.
Right now Python 2 has a policy of getting absolutely new features.
Solution:
We're going to ignore that policy for a couple of pretty important features to
that end.
Here's my proposed list of such featuers:
* hmac
* constant_time_compare
* os
* Persisant FD for os.urandom()
* ssl
* SNI
* SSLContext
* A giant suite of constants from OpenSSL
* The functions for checking a hostname against a certificate
* The functions for finding the platform's certificate store
Alex
More information about the Python-Dev
mailing list