Thursday 16 November 2017

Re: Python SNI

Hi Luke/Thomas,

 

Thanks for the response!

 

We want to avoid installing Python from source if possible - we run a mission critical system in production and need to ensure that we use the version of Python provided with Ubuntu; our view is that this version is stable and installing a version from source could lead to compatibility issues.

 

We appreciate that Stable Release Updates policy, however we were wondering if SNI could be considered for backporting based on a security concern? Over the past twelve months SNI has grown in popularity and many web hosting companies have now adopted it. Without supporting SNI, it is not possible to verify the common name in the website SSL certificate with the website domain.  

 

Please let me know your thoughts on this and really appreciate your time!

 

Thanks

Lee

 

From: Thomas Ward <teward@trekweb.org>
Date: Thursday, 16 November 2017 at 19:56
To: Luke Faraone <lfaraone@ubuntu.com>
Cc: Lee Jones <Lee.Jones@securetrading.com>, "ubuntu-devel@lists.ubuntu.com" <ubuntu-devel@lists.ubuntu.com>
Subject: Re: Python SNI

 

If you need the nonstandard python I would suggest rolling a virtualenv for Python in your system. It works fairly well - i've got multiple newer Python running on my Xenial box for things that need it.

 

 

*Sent from my iPhone.  Please excuse any typos, as they are likely to happen by accident.*


On Nov 16, 2017, at 14:44, Luke Faraone <lfaraone@ubuntu.com> wrote:

Hi Lee,

 

Ubuntu's Stable Release Updates policy doesn't generally permit adding new features to released packages.

 

Cheers,

Luke Faraone

 

On 14 November 2017 at 21:57, Lee Jones <Lee.Jones@securetrading.com> wrote:

Hi all,

 

We are currently using Python 2.7.6 that is shipped with Ubuntu 14.04.

 

My understanding is that Server Name Identification (SNI) is only supported in Python 2.7.9.

 

Does anyone know if there are plans to include SNI support in the current Ubuntu 14.04 Python version?

 

Thanks

Lee


--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel



 

-- 

Luke Faraone;; Debian & Ubuntu Developer; Sugar Labs; MIT SIPB
lfaraone on irc.[freenode,oftc].net -- https://luke.wf/ohhello
PGP fprint: 8C82 3DED 10AA 8041 639E  1210 5ACE 8D6E 0C14 A470

--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

Posted by at