[Python-Dev] RFC: Backport ssl.MemoryBIO and ssl.SSLObject to Python 2.7

Donald Stufft donald at stufft.io
Thu Jun 8 07:06:03 EDT 2017

> On Jun 8, 2017, at 6:36 AM, Victor Stinner <victor.stinner at gmail.com> wrote:
> 2017-06-08 10:30 GMT+02:00 Cory Benfield <cory at lukasa.co.uk>:
>> This is what I was worried about. Moving to require PyOpenSSL *also* locks
>> us out of Jython support, at least for the time being. That’s another point
>> in the “con” column for making PyOpenSSL a mandatory dependency.
> Even if we do backport MemoryBIO to the next Python 2.7.14, I don't
> think that you can require MemoryBIO. What about all existing
> operating systems which provide a Python 2.7 without MemoryBIO? You
> need to have a workaround anyway. For example, make the new
> asynchronous API optional and use the old blocking mode in the
> meanwhile.

I mentioned it earlier, but using the current download numbers from PyPI, <2.7.9 is rapidly dropping and is likely going to be single digit %age within the next 6-8 months IIRC. If 2.7.14 follows a similar trajectory, requests can depend on it within like… 2 years? Maybe 3? Likely it will depend on whether 2.7.14 gets into the next Ubuntu LTS or not.

Donald Stufft

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20170608/105822c8/attachment.html>

More information about the Python-Dev mailing list