[Python-Dev] PEP 466 (round 4): Python 2.7 network security enhancements

Guido van Rossum guido at python.org
Thu Mar 27 16:54:02 CET 2014


BTW, my intention was also to set a precedent for future additions to the
list. "We did this before" is a great argument to help smooth the path,
without bypassing deliberations altogether.
On Mar 27, 2014 2:33 AM, "Nick Coghlan" <ncoghlan at gmail.com> wrote:

> On 27 March 2014 18:02, Stephen J. Turnbull <stephen at xemacs.org> wrote:
> > Alex Gaynor writes:
> >
> >  > Here's my proposed list of such featuers:
> >
> > And suppose that list grows over time?  After all, it once was [].
> >
> > If we go for a feature-by-feature list, that has two more-or-less
> > hidden costs.  (1) Python-Dev has to specify which ones, and either
> > risks a new specification debate in the future, or needs to spend
> > time now describing criteria and processes for extending the list.
>
> It's not a hidden cost - it's a deliberately chosen one. Guido was
> wary of an open-ended agreement, so by enumerating the precise set of
> missing features in Python 2.7 that are causing concern for the
> network security folks, we get to address the immediate problem,
> without granting permission to backport further arbitrary features
> without additional discussion.
>
> > (2) Users may need to worry about the list.  (OTOH, as long as the
> > list is restricted to features in certain modules, users can choose to
> > assume anything in those modules may have changed behavior and that's
> > no different from Nick's proposal for them.)
>
> The PEP already specifically advises that cross-version compatible
> code use feature detection rather than version checks. For network
> security, it's recommended to avoid using the low level modules
> directly, anyway - it's much better to use a higher level library like
> requests, to reduce the number of places where we need to get the
> security design right.
>
> Cheers,
> Nick.
>
> --
> Nick Coghlan   |   ncoghlan at gmail.com   |   Brisbane, Australia
> _______________________________________________
> Python-Dev mailing list
> Python-Dev at python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe:
> https://mail.python.org/mailman/options/python-dev/guido%40python.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20140327/781ea4da/attachment.html>


More information about the Python-Dev mailing list