[Python-Dev] CPython on Windows ARM32
Christian Heimes
christian at python.org
Fri Feb 8 05:21:03 EST 2019
On 07/02/2019 00.41, Ned Deily wrote:
> On Feb 6, 2019, at 18:28, Steve Dower <steve.dower at python.org> wrote:
>> On 06Feb2019 1423, Christian Heimes wrote:
>>> Do you want to update Python 3.8 (master) only or also 3.7? I'm not
>>> strictly against updating 3.7. However we have traditionally kept the
>>> OpenSSL version of each branch stable. 1.1.1 comes with new features,
>>> stricter security settings and some ciphers removed.
>> I would prefer to stay on 1.1.0 for 3.7, but it's up to the release manager.
>
> Me, too. I am concerned that 1.1.1 support has not had a lot of exposure yet. Even the "What's New" document for 3.7 states: "The ssl module has preliminary and experimental support for TLS 1.3 and OpenSSL 1.1.1. "
That's from the alpha and beta phase of OpenSSL. Support for 1.1.1 is as
stable as it can get.
> I am OK with fixes for 1.1.1 support but I think it would be premature to change the Windows and/or macOS installers from 1.1.0 to 1.1.1.
1.1.1a is a solid release. Debian testing, Fedora, and RHEL 8 beta have
been shipping and testing 1.1.1 for a while. In my professional opinion
it's less about stability but more about backwards compatibility issues.
TLS 1.3 behaves slightly differently and 1.1.1 has dropped some weak
ciphers.
Christian
More information about the Python-Dev
mailing list