Version 2 (modified by Hynek Schlawack, 4 years ago)


We have some security-related code in Twisted. I think all of the core developers basically have some great ideas for making things secure (we generally know our way around crypto abstractions, if not crypto math; we are aware of common issues; we know about tools like capability-based design for cooperation without trust) but our implementation doesn't live up to that fact. For example, twisted.internet.ssl is still woefully incomplete, and twisted.cred lacks features (like the ability to identify useful attributes of other users, or to create and modify accounts). Most of all, we need docs for how to use these things effectively to produce secure software that uses Twisted.

We should come up with some plans to really finish, polish, and document some of these systems.


Short Term

  • #6663: We need to make the cipher suites configurable.
  • #6801: OP_NO_COMPRESSION needs to be set to circumvent Lucky 13, OP_CIPHER_SERVER_PREFERENCE to force our ciphers on clients.
  • #6799: We need to support DHE to offer PFS.
  • #4888: twisted.web.client.Agent, our new web client API, has to learn hostname verification for HTTPS URIs.
  • #5446/#6334: For that we need access to a reliable trust store.
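
The short-term items above, expressed as settings and as a check that can be run against any context. This is an added example, not Twisted's code: it uses Python's standard-library `ssl` module instead of twisted.internet.ssl or PyOpenSSL, and the cipher string, function names and `dh_params_path` parameter are assumptions made for illustration.

```python
import ssl

# Assumed cipher string (not from the page): ephemeral key exchange with AEAD only.
PFS_CIPHERS = "ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM"

def is_forward_secret(name):
    # TLS 1.3 suites ("TLS_...") always use an ephemeral (EC)DHE key exchange.
    return name.startswith(("TLS_", "ECDHE-", "DHE-"))

def make_server_context(ciphers=PFS_CIPHERS, dh_params_path=None):
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(ciphers)                        # #6663: configurable suites
    ctx.options |= ssl.OP_NO_COMPRESSION            # #6801
    ctx.options |= ssl.OP_CIPHER_SERVER_PREFERENCE  # #6801
    if dh_params_path:
        # #6799: DHE suites are only negotiated once DH parameters are loaded.
        ctx.load_dh_params(dh_params_path)
    return ctx

def make_client_context():
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = True            # #4888: hostname verification
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.load_default_certs()             # #5446/#6334: platform trust store
    return ctx

def audit(ctx, server_side):
    """Return the checklist items this context fails (empty list = all met)."""
    findings = []
    if not ctx.options & ssl.OP_NO_COMPRESSION:
        findings.append("TLS compression not disabled")
    if server_side:
        if not ctx.options & ssl.OP_CIPHER_SERVER_PREFERENCE:
            findings.append("server cipher preference not enforced")
        weak = [c["name"] for c in ctx.get_ciphers()
                if not is_forward_secret(c["name"])]
        if weak:
            findings.append("non-PFS suites enabled: " + ", ".join(weak))
    else:
        if not ctx.check_hostname:
            findings.append("hostname verification disabled")
        if ctx.verify_mode != ssl.CERT_REQUIRED:
            findings.append("peer certificate not required")
    return findings

if __name__ == "__main__":
    print(audit(make_server_context(), server_side=True))
    print(audit(make_client_context(), server_side=False))
```
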

Mid Term

  • As soon as PyOpenSSL learns about ECDH, we need to add it too (e.g. Windows does no DHE).
  • #4887: Add SNI (not security-relevant, but it belongs in a complete TLS framework).

Long Term