@@ -94,18 +94,18 @@ provide TLS functionality that is not so strongly tied to OpenSSL. It also
9494proposes to update standard library modules to use only the interface exposed by
9595these protocol classes wherever possible. There are three goals here:
9696
97- 1 . To provide a common API surface for both core and third-party developers to
97+ # . To provide a common API surface for both core and third-party developers to
9898 target their TLS implementations to. This allows TLS developers to provide
9999 interfaces that can be used by most Python code, and allows network
100100 developers to have an interface that they can target that will work with a
101101 wide range of TLS implementations.
102102
103- 1 . To provide an API that has few or no OpenSSL-specific concepts leak through.
103+ # . To provide an API that has few or no OpenSSL-specific concepts leak through.
104104 The :mod: `ssl ` module today has a number of warts caused by leaking OpenSSL
105105 concepts through to the API: the new protocol classes would remove those
106106 specific concepts.
107107
108- 1 . To provide a path for the core development team to make OpenSSL one of many
108+ # . To provide a path for the core development team to make OpenSSL one of many
109109 possible TLS implementations, rather than requiring that it be present on a
110110 system in order for Python to have TLS support.
111111
@@ -116,37 +116,37 @@ Interfaces
116116
117117There are several interfaces that require standardization. Those interfaces are:
118118
119- 1 . Configuring TLS, currently implemented by the :class: `~ssl.SSLContext ` class
119+ # . Configuring TLS, currently implemented by the :class: `~ssl.SSLContext ` class
120120 in the :mod: `ssl ` module.
121121
122- 1 . Providing an in-memory buffer for doing in-memory encryption or decryption
122+ # . Providing an in-memory buffer for doing in-memory encryption or decryption
123123 with no actual I/O (necessary for asynchronous I/O models), currently
124124 implemented by the :class: `~ssl.SSLObject ` class in the :mod: `ssl ` module.
125125
126- 1 . Wrapping a socket object, currently implemented by the
126+ # . Wrapping a socket object, currently implemented by the
127127 :class: `~ssl.SSLSocket ` class in the :mod: `ssl ` module.
128128
129- 1 . Applying TLS configuration to the wrapping objects in (2) and (3). Currently
129+ # . Applying TLS configuration to the wrapping objects in (2) and (3). Currently
130130 this is also implemented by the SSLContext class in the :mod: `ssl ` module.
131131
132- 1 . Specifying TLS cipher suites. There is currently no code for doing this in
132+ # . Specifying TLS cipher suites. There is currently no code for doing this in
133133 the standard library: instead, the standard library uses OpenSSL cipher suite
134134 strings.
135135
136- 1 . Specifying application-layer protocols that can be negotiated during the TLS
136+ # . Specifying application-layer protocols that can be negotiated during the TLS
137137 handshake.
138138
139- 1 . Specifying TLS versions.
139+ # . Specifying TLS versions.
140140
141- 1 . Reporting errors to the caller, currently implemented by the
141+ # . Reporting errors to the caller, currently implemented by the
142142 :class: `~ssl.SSLError ` class in the :mod: `ssl ` module.
143143
144- 1 . Specifying certificates to load, either as client or server certificates.
144+ # . Specifying certificates to load, either as client or server certificates.
145145
146- 1 . Specifying which trust database should be used to validate certificates
146+ # . Specifying which trust database should be used to validate certificates
147147 presented by a remote peer.
148148
149- 1 . Finding a way to get hold of these interfaces at run time.
149+ # . Finding a way to get hold of these interfaces at run time.
150150
151151For the sake of simplicity, this PEP proposes to remove interfaces (3) and (4),
152152and replace them by a simpler interface that returns a socket which ensures that
@@ -223,10 +223,10 @@ The ``TLSServerConfiguration`` and ``TLSClientConfiguration`` concrete classes
223223define objects that can hold and manage TLS configuration. The goals of these
224224classes are as follows:
225225
226- 1 . To provide a method of specifying TLS configuration that avoids the risk of
226+ # . To provide a method of specifying TLS configuration that avoids the risk of
227227 errors in typing (this excludes the use of a simple dictionary).
228228
229- 1 . To provide an object that can be safely compared to other configuration
229+ # . To provide an object that can be safely compared to other configuration
230230 objects to detect changes in TLS configuration, for use with the SNI
231231 callback.
232232
0 commit comments