On Tuesday, January 16, 2018, Steve Dower <steve.do...@python.org> wrote:
> From my perspective, we can’t keep an OpenSSL-like API and use Windows > platform libraries (we *could* do a requests-like API easily enough, but > even urllib3 is painfully low-level). > > Support for Windows SChannel and Apple SecureTransport is part of the TLS module. IDK how far along that work is (whether it'll be ready for 3.7 beta 1)? Or where those volunteering to help with the TLS module can send PRs? https://github.com/python/peps/blob/master/pep-0543.rst https://www.python.org/dev/peps/pep-0543/ http://markmail.org/search/?q=list%3Aorg.python+PEP+543+TLS https://www.python.org/dev/peps/pep-0543/#interfaces > > > We have to continue shipping our own copy of OpenSSL on Windows. Nothing > to negotiate here except whether OpenSSL releases should trigger a Python > release, and I think that decision can stay with the RM. > > > > Good luck solving macOS :o) > > > > Cheers, > > Steve > > > > Top-posted from my Windows phone > > > > *From: *Stephen J. Turnbull <turnbull.stephen...@u.tsukuba.ac.jp> > *Sent: *Tuesday, January 16, 2018 17:45 > *To: *Matt Billenstein <m...@vazor.com> > *Cc: *Christian Heimes <christ...@python.org>; python-dev@python.org > *Subject: *Re: [Python-Dev] Python 3.7: Require OpenSSL >=1.0.2 / > LibreSSL >=2.5.3 > > > > Matt Billenstein writes: > > > > > In my mind it becomes easier to bundle deps in a binary installer > > > across the board (Linux, OSX, Windows) rather than rely on whatever > > > version the operating system provides. > > > > Thing is, as Christian points out, TLS is a rapidly moving target. > > Every Mac OS or iOS update seems to link to a dozen CVEs for TLS > > support. We can go there if we have to, but it's often hard to go > > back when vendor support catches up to something reasonable. I think > > this is something for Ned and Christian and Steve to negotiate, since > > they're the ones who are most aware of the tradeoffs and bear the > > costs. > > > > > > > > _______________________________________________ > > Python-Dev mailing list > > Python-Dev@python.org > > https://mail.python.org/mailman/listinfo/python-dev > > Unsubscribe: https://mail.python.org/mailman/options/python-dev/ > steve.dower%40python.org > > >
_______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
