[Python-Dev] Supported versions of OpenSSL
Nick Coghlan
ncoghlan at gmail.com
Sun Aug 28 23:05:48 EDT 2016
On 29 August 2016 at 06:40, Christian Heimes <christian at python.org> wrote:
> Hi,
>
> we need to talk about OpenSSL and LibreSSL before the next release of
> Python. I'm working on a PEP. Most likely it won't be ready before the
> feature freeze.
If it's just drafting work that you need help with on that front, feel
free to send me what you have and I can work it up into PEP form so
folks can see a consolidated list of the proposed changes.
> I like to reduce the maintenance burden and list of supported OpenSSL
> versions ASAP. OpenSSL has deprecated 0.9.8 and 1.0.0 last year. 1.0.1
> will reach EOL by the end of this year,
> https://www.openssl.org/policies/releasestrat.html . However OpenSSL
> 0.9.8 is still required for some platforms (OSX).
Back when I wrote PEP 466, Ned indicated he was in favour of switching
to static linking for the Mac OS X installers:
https://mail.python.org/pipermail/python-dev/2014-March/133347.html
So for 3.6, I agree with Benjamin's suggestion that we drop 0.9.8
support as well.
For 2.7, I think we should defer the decision on what to do to a
follow-up to PEP 466 that resyncs 2.7 with the Python 3.6 network
security stack (while 466 got 2.7 to parity with 3.4.3, even that's
starting to show its age now)
Cheers,
Nick.
--
Nick Coghlan | ncoghlan at gmail.com | Brisbane, Australia
More information about the Python-Dev
mailing list