[Security-sig] Unified TLS API for Python: Draft 3
Ethan Furman
ethan at stoneleaf.us
Wed Jan 25 21:53:59 EST 2017
Originally from Steve Dower (with my apologies):
-----------------------------------------------
Looks good to me, but I wonder why we need to define all the algorithms in the PEP (by reference)? Could they also use a similar model to certificates, where the implementation provides a constructor that takes a string (in a format defined here, e.g. "OpenSSL style") and does the best it can to return something it will know how to use later? It involves some trust, but I honestly don't see a world where we end up with implementations deliberately trying to be incompatible with each other (which would seem to be the only reason to define the full enum ahead of time).
Steve Dower (extracted from a top-posted Windows phone email ;)
More information about the Security-SIG
mailing list