Selecting cipher suites with socket.ssl
Martin v. Löwis
loewis at informatik.hu-berlin.de
Sat Apr 6 05:40:51 EST 2002
Laura Creighton <lac at strakt.com> writes:
> But I don't like the assumption that the OP can do certificate generation
> better than Martin Sjögren did.
I didn't suggest that. Instead, I suggested that the OP changes the
Python SSL support - something that Martin Sjögren didn't.
Also, the OP was only asking for selecting cipher suites.
I was mainly objecting the assertion "It's broken." I don't think that
is true - it is mainly incomplete.
> So naturally, there is no big push here to get pyOpenSSL in the standard
> library. But I don't think that the OP should waste his time hacking
> on the standard SSL module; pick something that other people want to see.
I don't think this effort would be wasted. He only needs a relatively
small feature; if he implements that, all Python 2.3 users would have
it readily available.
> Besides, whatever he comes up with may be rejected on the grounds
> that the code isn't good enough, or it adds the sort of complexity
> you don't want in the standard library. Modifying an existing
> library shouldn't be by definition easier to do than adding a new
> one -- foul code is foul code
I disagree that the current SSL support is foul code.
Regards,
Martin
More information about the Python-list
mailing list