[PATCH 3 of 5 V3] sslutil: require TLS 1.1+ when supported

Pierre-Yves David pierre-yves.david at ens-lyon.org
Fri Jul 15 01:18:34 UTC 2016



On 07/14/2016 06:50 AM, Gregory Szorc wrote:
> # HG changeset patch
> # User Gregory Szorc <gregory.szorc at gmail.com>
> # Date 1468470954 25200
> #      Wed Jul 13 21:35:54 2016 -0700
> # Node ID b4527c8cec88824c15936f64e7d5ea59c5d54bee
> # Parent  6a6d56e1391ff7e1468ef1b44b7e4c5cbe406f7b
> sslutil: require TLS 1.1+ when supported

This change is scary (as in, a large base of our user will probably
explode) but I think I agree we should do it.
However, I would probably advocate to actually change the default at the
beginning of the 4.0 cycle to have a longer period to test it.

If other agree, I would be happy to take a V2, were the default is
unchanged but the documentation recommend tls1.1 for newer python. The
rest of the series looks fine to me.

Cheers

-- 
Pierre-Yves David



More information about the Mercurial-devel mailing list