New submission from naif <n...@globaleaks.org>: The list of Ciphers for Python SSL binding for OpenSSL cannot be ordered in a specific list of preference.
This is a requirement for strict security environment where the ordered cipher list it's very important. Apache support the ordering of ciphers trough the configuration of SSLHonorCipherOrder: http://www.carbonwind.net/blog/post/Setting-the-preferred-cipher-suite-on-Apache-22x.aspx Also Internet Explorer 7 support Ciphers order configuration: https://blogs.technet.com/b/steriley/archive/2007/11/06/changing-the-ssl-cipher-order-in-internet-explorer-7-on-windows-vista.aspx?Redirected=true Not having the ordered cipher list doesn't allow Python SSL stack configuration to be compliant with high security environment, de-facto representing a security vulnerability. We suggest to fix the issue of lacking that feature. ---------- components: Library (Lib) messages: 149831 nosy: naif priority: normal severity: normal status: open title: Python SSL stack doesn't support ordering of Ciphers type: security versions: Python 2.6, Python 2.7, Python 3.1, Python 3.2, Python 3.3, Python 3.4 _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue13635> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
