Antoine Pitrou added the comment: Update on 2.7: - there are no SSL servers in the stdlib (ha) - SSL clients don't do any auto-downgrading
so it's not obvious we should patch something (if people choose to pass PROTOCOL_SSLv3, it's their problem). Update on 3.4: - the only SSL server in the stdlib is in asyncio, but it forces the user to pass their own SSL context (good!) - SSL clients don't do any auto-downgrading (3.5 should be similar) ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue22638> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com