[issue20995] Use Better Default Ciphers for the SSL Module

Antoine Pitrou Fri, 21 Mar 2014 17:41:22 -0700

Antoine Pitrou added the comment:

Well, the doc currently says:


"""Starting from Python 3.2.3, the
ssl module disables certain weak ciphers by default, but you may want
to further restrict the cipher choice.  For example::

   context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
   context.set_ciphers('HIGH:!aNULL:!eNULL')"""

But after your changes, calling set_ciphers('HIGH:!aNULL:!eNULL') will actually 
weaken security, so this example should simply be removed (IMHO).

----------

_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue20995>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue20995] Use Better Default Ciphers for the SSL Module

Reply via email to