From 801caadfd659fb776dea838f9c95fe35dd7ba529 Mon Sep 17 00:00:00 2001 From: Nick Coghlan Date: Fri, 23 May 2014 20:29:45 +1000 Subject: [PATCH] PEP 466: record revised implementation approach --- pep-0466.txt | 38 +++++++++++++++++++++++++++++++++----- 1 file changed, 33 insertions(+), 5 deletions(-) diff --git a/pep-0466.txt b/pep-0466.txt index 9729276b7..381e3888e 100644 --- a/pep-0466.txt +++ b/pep-0466.txt @@ -1,5 +1,5 @@ PEP: 466 -Title: Network Security Enhancements for Python 2.7.7 +Title: Network Security Enhancements for Python 2.7.x Version: $Revision$ Last-Modified: $Date$ Author: Nick Coghlan , @@ -28,7 +28,7 @@ Python 3 in the near term may not be feasible. In recognition of the additional practical considerations that have arisen during the 4+ year maintenance cycle for Python 2.7, this PEP allows a critical set of network security related features to be backported from -Python 3.4 to the upcoming Python 2.7.7 maintenance release. +Python 3.4 to upcoming Python 2.7.x maintenance releases. While this PEP does not make any changes to the core development team's handling of security-fix-only branches that are no longer in active @@ -39,11 +39,11 @@ support for the use of older versions in roles that involve connecting directly to the public internet. -New security related features in Python 2.7.7 -============================================= +New security related features in Python 2.7 maintenance releases +================================================================ Under this proposal, the following features will be backported from Python -3.4 to the upcoming Python 2.7.7 maintenance release: +3.4 to upcoming Python 2.7.x maintenance releases: * in the ``os`` module: @@ -81,6 +81,34 @@ why relying on an independently updated backport on the Python Package Index instead is not an acceptable solution. +Implementation status +===================== + +This PEP originally proposed adding all listed features to the Python 2.7.7 +maintenance release. That approach proved to be too ambitious given the +limited time frame between the original creation and acceptance of the PEP +and the release of Python 2.7.7rc1. Instead, the progress of each individual +accepted feature backport is being tracked as an independent enhancement +targeting Python 2.7. + +Implemented for Python 2.7.7: + +* `Issue #21306`_: backport ``hmac.compare_digest`` + +.. _Issue #21306: https://bugs.python.org/issue21306 + +Still in progress: + +* `Issue #21305`_: backport ``os.urandom`` shared file descriptor change +* `Issue #21307`_: backport specified ``hashlib`` module features +* `Issue #21308`_: backport specified ``ssl`` module features +* `Issue #21462`_: upgrade OpenSSL in the Python 2.7 Windows installers + +.. _Issue #21305: https://bugs.python.org/issue21305 +.. _Issue #21307: https://bugs.python.org/issue21307 +.. _Issue #21308: https://bugs.python.org/issue21308 +.. _Issue #21462: https://bugs.python.org/issue21462 + Backwards compatibility considerations ======================================