You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This feature proposal is a continuation of SSL feature work begun in issues #136306 and #137197. It adds the ability to set TLS signature algorithms for both client and server in the SSLContext class and later query the selected signature algorithms on an SSHSocket, after the TLS handshake is complete. The new methods would look something like:
ssl.get_sigalgs() ->List[str]:
"""Get a list of TLS signature algorithms available for server validation and client authentication."""SSLContext.set_server_sigalgs(sigalgs: str) ->None:
"""Set the TLS signature algorithms allowed for server validation."""SSLContext.set_client_sigalgs(sigalgs: str) ->None:
"""Set the TLS signature algorithms allowed for client authentication."""SSLSocket.server_sigalg() ->str|None:
"""Return the TLS signature algorithm selected for server validation."""SSLSocket.client_sigalg() ->str|None:
"""Return the TLS signature algorithm selected for client authentication."""
Proposal:
This feature proposal is a continuation of SSL feature work begun in issues #136306 and #137197. It adds the ability to set TLS signature algorithms for both client and server in the SSLContext class and later query the selected signature algorithms on an SSHSocket, after the TLS handshake is complete. The new methods would look something like:
Links to previous discussion of this feature:
This work was discussed originally in PR #119244.
Linked PRs