[Security-sig] Unified TLS API for Python
Cory Benfield
cory at lukasa.co.uk
Thu Jan 12 03:47:39 EST 2017
> On 11 Jan 2017, at 21:44, Wes Turner <wes.turner at gmail.com> wrote:
>
> This may be a bit of a different use case (and possibly worth having in the first version of a new tls module):
>
> "Hitless TLS Certificate Rotation in Go"
> https://diogomonica.com/2017/01/11/hitless-tls-certificate-rotation-in-go/ <https://diogomonica.com/2017/01/11/hitless-tls-certificate-rotation-in-go/>
>
> - Can/could this be done with only set_sni_callback ?
Yes, it can be. Twisted has an extension module, txsni, that uses the SNI callback to choose which certificate to provide. This is basically identical to the Go GetCertificate callback function.
Cory
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/security-sig/attachments/20170112/10d4660e/attachment.html>
More information about the Security-SIG
mailing list