[Python-Dev] PEP 466: Proposed policy change for handling network security enhancements
Terry Reedy
tjreedy at udel.edu
Mon Mar 24 00:33:05 CET 2014
On 3/23/2014 3:29 AM, Cory Benfield wrote:
> On 23 March 2014 at 04:32:17, Terry Reedy (tjreedy at udel.edu(mailto:tjreedy at udel.edu)) wrote:
>> Instead, I think the PEP should propose a special series of server
>> enhancement releases that are based on the final 2.7 maintenance release
>> (2.7.8 or 2.7.9) but which have have a different application-specific
>> enhancement policy.
>
> This is an interesting idea. My biggest problem with it is that, at least
> with the ssl library, these aren’t server-only problems. If we suggest that
> they are, we end up in the same position we’re in right now (that is, hurting
> the internet).
If I understood the problem and pep too narrowly, substitute 'security'
or whatever phrase you want for 'server'. My last sentence was an
admission that some details of what I said would need to be changed. The
key idea is to admit the what is being proposed is a minor fork of 2.7
(somewhat like Stackless 2.7) that might break code and which would
require separate code testing
--
Terry Jan Reedy
More information about the Python-Dev
mailing list