[issue20995] Use Better Default Ciphers for the SSL Module
Donald Stufft
report at bugs.python.org
Fri Mar 21 00:33:18 CET 2014
Donald Stufft added the comment:
Oh, Additionally Marc:
Even if some system administrator or some system out there does patch their OpenSSL to actually be safe by default Python changing it's cipher string only adds to the potential security (or at worst does nothing). If even one system (of which there are legion) does not do that patch then Python changing it's ciphers will protect that user.
The failure mode for a bad cipher is silent insecurity, the failure mode for not having a needed cipher is an obvious error.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue20995>
_______________________________________
More information about the Python-bugs-list
mailing list