A big security breach of SSL 3.0 just dropped a little while ago (named POODLE).
With this there is now no ability to securely connect via SSL 3.0. I believe
that we should disable SSL 3.0 in Python similarly to how SSL 2.0 is disabled,
where it is disabled by default unless the user has
Hi,
I opened an issue to track this vulnerability:
http://bugs.python.org/issue22638
SSL 3.0 is 8 years old, I guess that TLS is now widely deployed and
well supported?
I guess that Linux vendors will have to fix the issues directly in
OpenSSL directly. Should Python only be changed on Windows?
On Wed, 15 Oct 2014 01:16:26 +0200
Victor Stinner victor.stin...@gmail.com wrote:
Hi,
I opened an issue to track this vulnerability:
http://bugs.python.org/issue22638
SSL 3.0 is 8 years old, I guess that TLS is now widely deployed and
well supported?
I guess that Linux vendors will
