Heikki Toivonen <[EMAIL PROTECTED]> added the comment: Yeah, compatibility can be a problem. The cipher list I used for M2Crypto was recommended in the book Network Security with OpenSSL (I think). Besides removing unsafe ciphers, it orders the remaining ciphers from strongest to weakest, based on the hope/assumption/practice that peers will hopefully select the first matching cipher. It is not foolproof, though, so for truly compatible application you'd probably need to try with different ciphers lists if you run into errors. However, I have never run into a problem myself with that list, nor has anyone reported any bugs against M2Crypto because of that.
Defaulting to TLSv1 should select a better cipher list than otherwise, but I would be a bit concerned about that in turn being an even bigger compatibility issue. I guess I could ask around. _______________________________________ Python tracker <[EMAIL PROTECTED]> <http://bugs.python.org/issue3597> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com