On 19 Sep 2020, at 8:39, Stephen J. Turnbull wrote:
As far as I know there are already obvious security holes in Python 2
if you need to use TLS, especially on Mac. Python 2 is not up to
current security recommendations with respect to SSL and TLS versions,
and I suspect not with respect to other basic crypto. I don't think
it's hard to configure those version exclusions, but it doesn't come
out of the box that way. And on Mac you've got the mess that is an
Apple-specific TLS API that Python doesn't have a wrapper for last I
heard (it uses an bundled version of OpenSSL instead if you configure
it to support TLS).
That's a pretty obscure edge case.
Most people who use *current* MM2 on Mac do so via Homebrew or MacPorts
builds, both of which also bring in a current OpenSSL by default. If
one insists on building from scratch using the system "openssl," then on
any recent system it is actually a recent and reasonably safe LibreSSL.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not For Hire (currently)
------------------------------------------------------
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
https://mail.python.org/archives/list/mailman-users@python.org/
