Antoine Pitrou added the comment: > Er, I typed issue and meant usage. Right now the only difference > between restricted ciphers and the default ciphers is restricted > ciphers have no RC4 and no DSS. You wanted this issue limited to > client changes and I'm not sure how to do that without enabling > RC4/DSS for servers (which is a regression in the security of the > restricted ciphers).
Hmm, fair enough, let's change them all at once here. Also, since "restricted ciphers" aren't actually used by stdlib modules, I changed my mind and think it's ok to disable RC4 and DSS :-) I'll still open another issue for server-specific configuration: not the ciphers, but other stuff. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue20995> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
