[Python-Dev] CPython on Windows ARM32

Christian Heimes christian at python.org
Fri Feb 8 05:21:03 EST 2019


On 07/02/2019 00.41, Ned Deily wrote:
> On Feb 6, 2019, at 18:28, Steve Dower <steve.dower at python.org> wrote:
>> On 06Feb2019 1423, Christian Heimes wrote:
>>> Do you want to update Python 3.8 (master) only or also 3.7? I'm not
>>> strictly against updating 3.7. However we have traditionally kept the
>>> OpenSSL version of each branch stable. 1.1.1 comes with new features,
>>> stricter security settings and some ciphers removed.
>> I would prefer to stay on 1.1.0 for 3.7, but it's up to the release manager.
> 
> Me, too.  I am concerned that 1.1.1 support has not had a lot of exposure yet.  Even the "What's New" document for 3.7 states: "The ssl module has preliminary and experimental support for TLS 1.3 and OpenSSL 1.1.1. "

That's from the alpha and beta phase of OpenSSL. Support for 1.1.1 is as
stable as it can get.

> I am OK with fixes for 1.1.1 support but I think it would be premature to change the Windows and/or macOS installers from 1.1.0 to 1.1.1.

1.1.1a is a solid release. Debian testing, Fedora, and RHEL 8 beta have
been shipping and testing 1.1.1 for a while. In my professional opinion
it's less about stability but more about backwards compatibility issues.
TLS 1.3 behaves slightly differently and 1.1.1 has dropped some weak
ciphers.

Christian



More information about the Python-Dev mailing list