[Python-Dev] Future of SSL

[Christopher Petrilli]

Guido van Rossum [guido@python.org] wrote:
> > Then, wrappers could be written for the various SSL modules that wrap
> > them into the new "Python SSL interface" API.
> 
> This is a good idea.  The DB API works like this.

I think that if OpenSSL is available, Python should build "out of the
box" with SSL support.  This is becomming more and more important with 
projects I'm working on, especially with SOAP and XML-RPC.  This
doesn't mean someone shouldn't be able to replace it, and we should
always define an API, but... I think we need to work out of the box.

> > As for me, I'm not an expert in SSL, but I'd be willing to try
> > coordinate the efforts, write a PEP, talk with the module maintainers
> > and such.
> 
> But we do need *an* expert, don't we?  Maybe you can develop expertise
> as you go?

I don't have time to provide code right now, but I do know SSL and
X.509 specifically inside and out and would be happy to provide
support from a standards/crypto/certificate perspective.

Chris
-- 
| Christopher Petrilli
| petrilli@amber.org