Movatterモバイル変換

[Python-ideas] Unified TLS API for Python

• Previous message (by thread):[Python-ideas] Unified TLS API for Python
• Next message (by thread):[Python-ideas] Unified TLS API for Python
• Messages sorted by:[ date ][ thread ][ subject ][ author ]

On 2 February 2017 at 10:38, Cory Benfield <cory at lukasa.co.uk> wrote:> This PEP would define a standard TLS interface in the form of a collection of> abstract base classes. This interface would allow Python implementations and> third-party libraries to provide bindings to TLS libraries other than OpenSSL> that can be used by tools that expect the interface provided by the Python> standard library, with the goal of reducing the dependence of the Python> ecosystem on OpenSSL.Most of the PEP went over my head, but what I understood looks wellthought out and sensible. Overall I'm +1 on this.One thing that wasn't clear to me was the backward compatibilityimplications. Will the existing ssl module and its API be retained, orwill it be modified/deprecated? Will Windows/OSX distributions ofPython ultimately stop shipping with OpenSSL included? From an enduser POV, I won't care (high level modules like asyncio, urllib[1],http.client etc will be updated to transparently use the newinfrastructure) so I accept that this is something of an "internal"and/or library author concern.Thanks for putting the effort into this - people like me rely on"other people" getting the security stuff right, and I appreciate thework that those others like yourself put in for me.Paul[1] urllib wasn't actually a module noted as needing change. Was thatan omission, or is it simply because it defers the TLS stuff to thelower levels like http.client?

• Previous message (by thread):[Python-ideas] Unified TLS API for Python
• Next message (by thread):[Python-ideas] Unified TLS API for Python
• Messages sorted by:[ date ][ thread ][ subject ][ author ]