Antoine Pitrou added the comment: > how about we use more strict and modern settings for the public API? > TLSv1, no insecure stuff like RC4, MD5, DSS etc. > https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
Fine, but I'd like to see something more open-ended for the ciphers string. e.g. 'HIGH:!ADH:!AECDH:!MD5:!DSS:!aNULL:!eNULL:!LOW:!EXPORT:!SSLv2' ? ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue19689> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
