[issue38036] ssl docs say that ssl.SSLContext() is secure-by-default since 3.6, but it isn't

Christian Heimes Thu, 05 Sep 2019 01:01:25 -0700


Christian Heimes <li...@cheimes.de> added the comment:


Indeed, the text is misleading. "secure default values" refers to 
SSLContext.options only (no compression, "good" TLS versions) and not to cert 
and host name verification.

----------

_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue38036>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue38036] ssl docs say that ssl.SSLContext() is secure-by-default since 3.6, but it isn't

Reply via email to