[Python-ideas] Making the stdlib consistent again

Cory Benfield cory at lukasa.co.uk
Tue Jul 26 03:53:44 EDT 2016

> On 25 Jul 2016, at 19:55, Ralph Broenink <ralph at ralphbroenink.net> wrote:
>   * Names that do not reflect actual usage, such as ssl.PROTOCOL_SSLv23, which can in fact not be used as client for SSLv2. 

PROTOCOL_SSLv23 *can* be used as a client for SSLv2, in some circumstances. If you want to fight about names, then we should talk about the fact that PROTOCOL_SSLv23 means “use a SSLv3 handshake and then negotiate the highest commonly supported TLS version”.

However, this naming scheme comes from OpenSSL (what we call PROTOCOL_SSLv23 OpenSSL calls SSLv23_METHOD, and so on). This naming scheme *is* terrible, but the stdlib ssl module is really more appropriately called the openssl module: it exposes a substantial number of OpenSSL internals and names. Happily, OpenSSL is changing this name to TLS_METHOD, which is what it should have been called all along.


More information about the Python-ideas mailing list