[issue41195] Interface to OpenSSL's security level
Christian Heimes
report at bugs.python.org
Thu Jul 2 06:45:03 EDT 2020
Christian Heimes <lists at cheimes.de> added the comment:
I'm not sure it's a good idea to expose a setter for security level. In general the security level is a system-wide policy decision that should be controlled by administrators. Applications should not change this setting.
Python libraries tend to follow bad practices and cargo cult when it comes to TLS settings. Many years ago OpenSSL and Linux distributions had bad default settings. Nowadays OpenSSL has good defaults and distributions often set even stricter defaults.
A read-only getter for the policy sounds like a good idea, though.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue41195>
_______________________________________
More information about the Python-bugs-list
mailing list