Benjamin Peterson added the comment: I think that's fine for 2.7.
On Mon, Jan 2, 2017, at 13:07, Christian Heimes wrote: > > New submission from Christian Heimes: > > OpenSSL 1.1.1 is going to provide TLS 1.3. The preferred protocols > PROTOCOL_TLS (old name PROTOCOL_SSLv23), PROTOCOL_TLS_CLIENT and > PROTOCOL_TLS_SERVER are going to have TLS 1.3 enabled by default. In > order to disable TLS 1.3, let's add OP_NO_TLSv1_3 to _ssl.c and guard it > with #ifdef SSL_OP_NO_TLSv1_3 > > https://github.com/openssl/openssl/blob/d2e491f225d465b11f18a466bf399d4a899cb50e/include/openssl/ssl.h#L346 > > Benjamin, Larry, Ned, are you ok with a new flag? OpenSSL 1.1.1 won't be > available any time soon. I like to add the flag *after* the upcoming > round of releases. > > ---------- > assignee: christian.heimes > components: SSL > messages: 284504 > nosy: benjamin.peterson, christian.heimes, larry, ned.deily > priority: normal > severity: normal > stage: needs patch > status: open > title: Add OP_NO_TLSv1_3 > type: enhancement > versions: Python 2.7, Python 3.5, Python 3.6, Python 3.7 > > _______________________________________ > Python tracker <rep...@bugs.python.org> > <http://bugs.python.org/issue29136> > _______________________________________ ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue29136> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
