[issue20995] Use Better Default Ciphers for the SSL Module
Antoine Pitrou
report at bugs.python.org
Sat Mar 22 01:40:50 CET 2014
Antoine Pitrou added the comment:
Well, the doc currently says:
"""Starting from Python 3.2.3, the
ssl module disables certain weak ciphers by default, but you may want
to further restrict the cipher choice. For example::
context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
context.set_ciphers('HIGH:!aNULL:!eNULL')"""
But after your changes, calling set_ciphers('HIGH:!aNULL:!eNULL') will actually weaken security, so this example should simply be removed (IMHO).
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue20995>
_______________________________________
More information about the Python-bugs-list
mailing list