On 2016-03-03 08:45, Nick Coghlan wrote: > On 2 March 2016 at 11:01, Larry Hastings <la...@hastings.org> wrote: >> It's that time once again: time to start planning for the 2016 Python >> Language Summit! > > Huzzah, thanks for organising this again! > > I've forwarded the email to a few folks to suggest they submit > presentation proposals, but I also have a question for everyone else: > would folks be interested in a summary of the SSL/TLS handling > developments over the past couple of years and open issues (aka > "things that are still hard that we would prefer were simpler") we > could potentially help with in core dev?
Thanks! TLS/SSL is already covered. :) I have invited Cory Benfield (python-requests, urllib3, hyper). Cory and I are co-chairing a presentation about the future of TLS/SSL in Python core and Python ecosystem together. Let's hope 20 minutes are enough. I have also proposed a short recap of Python Security, PSRT and Coverity Scan activity in the past year. I also like to address communications of security fixes. From the bug tracker it is not immediately visible, which Python releases contains a fix. The changelog doesn't highlight security fixes, too. This allowed one nasty bug to fly under the radar and caused a downstream $VENDOR to not backport a fix. I'd like to have security issues marked in the changelog, e.g. with "[S]" or "[SECURITY]" prefix/suffix. Christian
signature.asc
Description: OpenPGP digital signature
_______________________________________________ python-committers mailing list python-committers@python.org https://mail.python.org/mailman/listinfo/python-committers Code of Conduct: https://www.python.org/psf/codeofconduct/