PEP 466: restore some rationale lost in final edits
This commit is contained in:
Nick Coghlan
parent
5ae2360963
commit
ceadb0f33c
41
pep-0466.txt
41
pep-0466.txt
|
|
@ -322,6 +322,47 @@ deliberately designed such that it is potentially suitable for Red Hat
|
||||||
Enterprise Linux and its downstream derivatives.
|
Enterprise Linux and its downstream derivatives.
|
||||||
|
|
||||||
|
|
||||||
|
Why these particular changes?
|
||||||
|
-----------------------------
|
||||||
|
|
||||||
|
The key requirement for a feature to be considered for inclusion in this
|
||||||
|
proposal was that it must have security implications *beyond* the specific
|
||||||
|
application that is written in Python and the system that application is
|
||||||
|
running on. Thus the focus on network security protocols, password storage
|
||||||
|
and related cryptographic infrastructure - Python is a popular choice for
|
||||||
|
the development of web services and clients, and thus the capabilities of
|
||||||
|
widely used Python versions have implications for the security design of
|
||||||
|
other services that may themselves be using newer versions of Python or
|
||||||
|
other development languages, but need to interoperate with clients or
|
||||||
|
servers written using older versions of Python.
|
||||||
|
|
||||||
|
The intent behind this requirement was to minimise any impact that the
|
||||||
|
introduction of this policy may have on the stability and compatibility of
|
||||||
|
maintenance releases, while still addressing some key security concerns
|
||||||
|
relating to the particular aspects of Python 2.7. It would be thoroughly
|
||||||
|
counterproductive if end users became as cautious about updating to new
|
||||||
|
Python 2.7 maintenance releases as they are about updating to new feature
|
||||||
|
releases within the same release series.
|
||||||
|
|
||||||
|
The ``ssl`` module changes are included in this proposal to bring the
|
||||||
|
Python 2 series up to date with the past 4 years of evolution in network
|
||||||
|
security standards, and make it easier for those standards to be broadly
|
||||||
|
adopted in both servers and clients. Similarly the hash algorithm
|
||||||
|
availability indicators in ``hashlib`` are included to make it easier for
|
||||||
|
applications to detect and employ appropriate hash definitions across both
|
||||||
|
Python 2 and 3.
|
||||||
|
|
||||||
|
The ``hmac.compare_digest()`` and ``hashlib.pbkdf2_hmac()`` are included to
|
||||||
|
help lower the barriers to secure password storage and checking in Python 2
|
||||||
|
server applications.
|
||||||
|
|
||||||
|
The os.urandom change has been included in this proposal to help encourage
|
||||||
|
users to leave the task of providing high quality random numbers for
|
||||||
|
cryptographic use case to operating system vendors (as this is a genuinely
|
||||||
|
hard problem, and operating system developers have more tools available to
|
||||||
|
deal with it than Python application runtimes)
|
||||||
|
|
||||||
|
|
||||||
Rejected alternative: just advise developers to migrate to Python 3
|
Rejected alternative: just advise developers to migrate to Python 3
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue