Unfortunately there are some significant challenges with 2.0+. The primary
issue is the dependency on tlslite, which was removed from Debian
previously due to being insecure and unmaintained. In addition, quite a bit
of the certificate handling code does things incorrectly (see e.g. the
certificate chain verification code[1] that does not check the certificate
purpose, allowing anyone with a valid cert to sign a fraudulent cert as if
they were a CA).

I would very much welcome help with these issues, but be warned there is
most likely a fair amount of work involved in either rewriting the
cert-handling code to use another library (probably
python-openssl/python-cryptography), or resurrecting and maintaining the
tlslite package.

[1] https://github.com/spesmilo/electrum/blob/master/lib/paymentrequest.py#L119

On Mon, 3 Aug 2015 at 15:51 Thomas Ward <tew...@dark-net.net> wrote:

> 1.9.8 is a year old.  In addition, 2.4 is the current version.
>
> Failing to update breaks recovery of wallets from newer versions, and
> there are quite a lot of improvements in 2.4 over 1.9.8 that should be
> reviewed and included.
>
>
>
> Thomas
>
>
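
The missing purpose check described in the message above, as an added example that is not part of the original email or of Electrum's code. It assumes the python-cryptography library named in the message and reads "certificate purpose" as the basicConstraints CA flag; all names, keys and certificates are constructed for the demo, and validity dates, name chaining, key usage and trust anchors are left out.

```python
import datetime
from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID

def _name(cn):
    return x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])

def make_cert(cn, issuer_cn, pub_key, signing_key, is_ca):
    """Build a constructed test certificate signed by signing_key."""
    now = datetime.datetime(2024, 1, 1)
    return (x509.CertificateBuilder()
            .subject_name(_name(cn)).issuer_name(_name(issuer_cn))
            .public_key(pub_key).serial_number(x509.random_serial_number())
            .not_valid_before(now).not_valid_after(now + datetime.timedelta(days=365))
            .add_extension(x509.BasicConstraints(ca=is_ca, path_length=None), critical=True)
            .sign(signing_key, hashes.SHA256()))

def signatures_ok(chain):
    """Weak check: only verifies each signature (chain is leaf first, root last)."""
    for cert, issuer in zip(chain, chain[1:]):
        try:
            issuer.public_key().verify(cert.signature, cert.tbs_certificate_bytes,
                                       ec.ECDSA(cert.signature_hash_algorithm))
        except InvalidSignature:
            return False
    return True

def chain_ok(chain):
    """Signatures plus the purpose check: every issuer must be marked CA."""
    for issuer in chain[1:]:
        try:
            bc = issuer.extensions.get_extension_for_class(x509.BasicConstraints).value
        except x509.ExtensionNotFound:
            return False
        if not bc.ca:
            return False
    return signatures_ok(chain)

def build_demo_chain():
    """Constructed chain: root CA -> ordinary site cert -> cert signed by that site cert."""
    root_k, site_k, fake_k = (ec.generate_private_key(ec.SECP256R1()) for _ in range(3))
    root = make_cert("Test Root", "Test Root", root_k.public_key(), root_k, True)
    site = make_cert("site.example", "Test Root", site_k.public_key(), root_k, False)
    fake = make_cert("merchant.example", "site.example", fake_k.public_key(), site_k, False)
    return [fake, site, root]
```

The signature-only walk accepts the three-certificate chain because every signature is mathematically valid; the CA-flag check rejects it because `site.example` was never authorised to issue certificates.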
