[issue21013] server-specific SSL context configuration
Alex Gaynor
report at bugs.python.org
Sat Mar 22 19:19:21 CET 2014
Alex Gaynor added the comment:
Unfortunately most TLS implementations (particularly those in browser stacks) are vulnerable to downgrade attacks, whereby an attacker can send some malicious packets to simulate a connection failure and cause a lower version of the protocol to be negotiated, https://crypto.stackexchange.com/questions/10493/why-is-tls-susceptible-to-protocol-downgrade-attacks has some info on it. As a result, whenever possible it's really desirable to completely disallow as many poor choices as possible.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue21013>
_______________________________________
More information about the Python-bugs-list
mailing list