Chapter 6 ■ tLS/SSL
10 6
The problem with switching from the ssl module’s default contexts to hand-picked settings like this is that you
not only have to do the research to determine your needs and choose a TLS version and cipher when you first write
an application, but you—or your successor who maintains the software in the future—must continue to stay up-to-
date in case your choices are later discovered to be vulnerable to a new exploit. TLS version 1.2 combined with elliptic
curve Diffie–Hellman looks great, at least as this book goes to press. However, someday the choice will probably look
dated or even quaint. Or look positively insecure. Will you be in a position to learn this quickly and get the manual
selections in your software projects updated to better ones?
Unless create_default_context() someday gains an option that lets you insist on Perfect Forward Security, you
will find yourself stuck between these two options. Either you will have to trust the default context and accept that
some clients (or servers) with which you communicate might not receive PFS protection or you will have to lock down
the choice of cipher and then stay abreast of news from the cryptography community.
Note that PFS is only as “perfect” as your mechanism for regularly discarding the session state or session ticket
key that the server maintains. In the simplest case, simply restarting your server process every evening should make
sure that new keys are generated, but do further research if you have a whole fleet of servers to deploy and want them
to be able to support a pool of TLS clients efficiently, which take advantage of session restart. (However, this case—
wanting a whole cluster whose session-restart keys are coordinated without compromising PFS—is one of those
where it might begin to make more sense to look at tools beyond Python to perform your TLS termination!)
One last consideration is that locking down the choice of cipher is far easier if you are the one writing, or at least
configuring, both the client and the server, as might be the case if you are setting up encrypted communications
within your own machine room or between your own servers. When other pieces of software, administered by other
parties, come into play, a less flexible cipher set might make it harder for others to interoperate with your services,
especially if their tools use other implementations of TLS. If you do lock things down to only a few options, try to
document these clearly and prominently for the people who write and configure the clients so that they can diagnose
why older clients might have problems connecting.
Protocol Support for TLS
Most of the widely used Internet protocols have by now added TLS support. When using these protocols from either a
Python Standard Library module or a third-party library, the important feature to search for is how you can configure
the TLS cipher and options to prevent peers from connecting with weak protocol versions, weak ciphers, or options
such as compression that weaken the protocol. This configuration might take the form of library-specific API calls or
might simply allow you to pass an SSLContext object with your configuration choices.
Here are the TLS-aware protocols that come with the Python Standard Library:
• http.client: When you build an HTTPSConnection object (see Chapter 9), you can use
the constructor’s context keyword to pass in an SSLContext with your own settings.
Unfortunately, neither urllib.request nor the third-party Requests library documented in
Chapter 9 currently accept an SSLContext argument as part of their APIs.
• smtplib: When you build an SMTP_SSL object (see Chapter 13), you can use the constructor’s
context keyword to pass in an SSLContext with your own settings. If instead you create a
plain SMTP object and only later call its starttls() method, then you provide the context
parameter to that method call.• poplib: When you build a POP3_SSL object (see Chapter 14), you can use the constructor’s
context keyword to pass in an SSLContext with your own settings. If instead you create a
plain POP3 object and only later call its stls() method, then you would provide the context
parameter to that method call.• imaplib: When you build an IMAP4_SSL object (see Chapter 15), you can use the constructor’s
ssl_context keyword to pass in an SSLContext with your own settings. If instead you create
a plain IMAP4 object and only later call its starttls() method, then you would provide the
ssl_context parameter to that method call.