From 5151838132d03d8150a49c005a6b00eced9fd991 Mon Sep 17 00:00:00 2001 From: Benjamin Peterson Date: Mon, 16 Mar 2015 12:43:38 -0500 Subject: versionchanged for rc4 removal (closes #23679) --- Doc/library/ssl.rst | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst index d328c2b..69086d2 100644 --- a/Doc/library/ssl.rst +++ b/Doc/library/ssl.rst @@ -245,14 +245,13 @@ purposes. :const:`None`, this function can choose to trust the system's default CA certificates instead. - The settings in Python 2.7.9 are: :data:`PROTOCOL_SSLv23`, - :data:`OP_NO_SSLv2`, and :data:`OP_NO_SSLv3` with high encryption cipher - suites without RC4 and without unauthenticated cipher suites. Passing - :data:`~Purpose.SERVER_AUTH` as *purpose* sets - :data:`~SSLContext.verify_mode` to :data:`CERT_REQUIRED` and either loads CA - certificates (when at least one of *cafile*, *capath* or *cadata* is given) - or uses :meth:`SSLContext.load_default_certs` to load default CA - certificates. + The settings are: :data:`PROTOCOL_SSLv23`, :data:`OP_NO_SSLv2`, and + :data:`OP_NO_SSLv3` with high encryption cipher suites without RC4 and + without unauthenticated cipher suites. Passing :data:`~Purpose.SERVER_AUTH` + as *purpose* sets :data:`~SSLContext.verify_mode` to :data:`CERT_REQUIRED` + and either loads CA certificates (when at least one of *cafile*, *capath* or + *cadata* is given) or uses :meth:`SSLContext.load_default_certs` to load + default CA certificates. .. note:: The protocol, options, cipher and other settings may change to more @@ -277,6 +276,10 @@ purposes. .. versionadded:: 2.7.9 + .. versionchanged:: 2.7.10 + + RC4 was dropped from the default cipher string. + Random generation ^^^^^^^^^^^^^^^^^ -- cgit v0.12