Antoine Pitrou added the comment: There is already an entire section about this: http://docs.python.org/dev/library/ssl.html#security-considerations
It's up to consumers of the API to choose their security policy, the ssl module merely provides building blocks to implement it. I think the ssl docs are sufficiently explicit about it right now, we're not going to add warnings every time we think something is important to read. As for "developers [who] are still surprised", well, most of them shouldn't use the ssl module directly. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue19508> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
