New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
introduce PFS #1823
introduce PFS #1823
Conversation
Codecov Report
@@ Coverage Diff @@
## develop #1823 +/- ##
===========================================
- Coverage 92.54% 92.52% -0.03%
===========================================
Files 53 53
Lines 9958 9970 +12
===========================================
+ Hits 9216 9225 +9
- Misses 742 745 +3
Continue to review full report at Codecov.
|
I've checked each file this PR touches in the codecov reports and all the LOC codecov says are not covered are not any LOC this PR changed... |
code review? |
@chrisdlangton I think at this point trying to offer configuration for every knob in the SSLContext is too much and it's probably a better approach to just allow a custom SSLContext to be passed as a client configuration. |
@joguSD it is curious you mention this, should I also refactor out the use_ssl and expect an end-user to know how to construct the primitives themselves? no... that is crazy.. For a framework/library, it is nonsensical to suggest frameworks/libraries should not introduce a feature flag. This PR is introducing a feature flag so an end-user can simply chose to enforce the feature called pfs (Perfect Forward Secrecy as it is known) which is actually just a select ciphersuite that (few) people actually know the correct options to use to do this (probably why not many people are doing this today, it's damn hard) So i fundamentally disagree, we should definitely be abstracticting away these extremely complex features behind a feature flag, botocore does this is almost every line of code.. the most analogous feature flag is the use_ssl flag... |
Greetings! It looks like this issue hasn’t been active in longer than one year. We encourage you to check if this is still an issue in the latest release. Because it has been longer than one year since the last update on this, and in the absence of more information, we will be closing this issue soon. If you find that this is still a problem, please feel free to provide a comment to prevent automatic closure, or if the issue is already closed, please feel free to reopen it. |
discussion #1822