[issue29810] Rename ssl.Purpose.{CLIENT,SERVER}_AUTH

Alex Gaynor added the comment: Sounds good to me! -- ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe: https://ma

[issue29810] Rename ssl.Purpose.{CLIENT,SERVER}_AUTH

Christian Heimes added the comment: Yes, I'm planning a PEP to make the SSL module a bit more sane: 1) deprecate all protocols except for PROTOCOL_TLS_CLIENT / PROTOCOL_TLS_SERVER 2) deprecate purpose in favor of PROTOCOL_TLS_* 3) PROTOCOL_TLS_CLIENT defaults to CERT_REQUIRED, match_hostname=Tru

[issue29810] Rename ssl.Purpose.{CLIENT,SERVER}_AUTH

Alex Gaynor added the comment: Ah, so instead of PROTOCOL_SSLv23 using PROTOCOL_TLS_CLIENT and deprecating the Purpose bits entirely? That sounds good to me! -- ___ Python tracker _

[issue29810] Rename ssl.Purpose.{CLIENT,SERVER}_AUTH

Christian Heimes added the comment: For 3.7 I'm planning to move to protocols instead of purpose oids (PROTOCOL_TLS_CLIENT, PROTOCOL_TLS_SERVER). -- ___ Python tracker ___ _

[issue29810] Rename ssl.Purpose.{CLIENT,SERVER}_AUTH

Changes by Alex Gaynor : -- nosy: +christian.heimes, dstufft, janssen ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubsc

[issue29810] Rename ssl.Purpose.{CLIENT,SERVER}_AUTH

New submission from Alex Gaynor: The names are super misleading. First, they're written in a way that's the opposite of how people think about these things (CLIENT_AUTH -> server socket; SERVER_AUTH -> client socket). Second, they're misleading, you can have TLS which is *mutually* authenticat