Lukasa
commented
7 years ago Let's talk about APIs for a moment, if we may. :smile:
One of the things I've been aiming to do recently is try to get some kind of "generic" TLS API off the ground, so that Python applications can stop implementing special-case support for each TLS backend they want to support. My effort here is PEP 543, which defines a very high-level API for configuring and using TLS.
I bring this up to let you know only that there may be some utility in exposing PEP 543-compatible APIs. The WIP PEP 543 code is available here, which also contains a binding to the stdlib TLS API in case you're interested in seeing how some of this stuff is implemented.
As a more rigorous test-case (and as a better carrot for you to implement the API!), I'm also writing a Twisted endpoint that can work with PEP 543 implementations. If we can get this built to a point of being a useful product, this would allow Twisted applications to be agnostic to their TLS implementation, and would give tls Twisted support for "free".
Just worth bearing in mind!
@ashfall wrote a public API doc that looks pretty good! This issue will be a place for us to discuss that document and generally the API we want to expose in our first release.