Hi Julien,
Apologies for the late reply! Let me try to answer as many of your questions as possible.
In general, we created this PEP based on the earlier work of PEP 543 and various discussions including this discourse post. We tried to focus on secure-by-default and keeping the API small and simple.
As discussed upthread, we released a version for people to try things out and provide feedback, so your feedback is exactly what we were looking for! I will give some of my own opinions below. However, I hope that we can get some discussion going on the following proposed changes to get a better view of what people think.
In the original proposal we only had the non-blocking socket without the TLSBuffer, with the reason that we wanted to enable sans-io abstractions. Now that we have TLSBuffer for sans-io abstractions, we could allow the user to choose blocking / non-blocking sockets. However, I am not sure whether this is easily supportable for backends on different platforms.
Our expectation was that the client typically has one client certificate that it wants to present to the server, but this may be incorrect. If necessary, we could set this to multiple certificates, as long as there’s a straightforward way for the backends to handle it.
We chose to use None as the default value, so the properties returning None just indicates that they are the default values. Otherwise, each backend has to set their own default values in the configuration when a user creates one with None. Currently, backends can implement their own checks in validate_config, but I can see the value of certain sanity checks regarding lowest_supported_version <= highest_supported_version. Whether the private key and certificate match seems like a more backend-dependent check to me, especially if the backend wants to reference these items by identifier.
This makes sense to me. We can allow empty server certificates in the insecure module.
The backends are supposed to interpret a None trust store as the default (system) trust store. I am not sure if it would really make the connection insecure by default, as a missing trust store means all servers should be rejected. In order to skip the server certificate check, the user has to use the insecure module.
Yeah, currently the cipher suites for TLS 1.3 only focus on the symmetric ciphers and doesn’t include supported groups, signature algorithms, or PSK. I would appreciate more input from users whether additional negotiation needs to be supported. With regards to your followup post, I would really like to avoid complicated ways to define cryptography/cipher suites as the different backends are already complicated (especially OpenSSL and Schannel).
I like the idea of having a dedicated object for this.
I’m generally not a big fan of adding additional things to the API because it detracts from the simplicity. However, if that’s what users need, I’m open to it.
That’s a good question, I need to think more about it. I’m fine with the end user dumping in certificates as is most convenient for them and the backend handling everything.
As I understand it, the current close() allows you to close the read side via flag, which is allowed as per the paragraph that you cite, but opens you up to truncation. However, I also didn’t really like what we ended up with here, so if there are any better suggestions I’m all ears!
We didn’t really think about this when writing the PEP and I don’t have a quick answer here. If you have any proposed modification I’m happy to take a look. I suppose it will tie into the close() discussion above.
After our initial release we did not receive any feedback until yours. As a result I am not sure how much interest there currently is in this PEP. Therefore, I would also appreciate any input from others on their opinion (which will probably have changed since the last time we discussed this PEP!).