Transport Layer Security (TLS) is a cryptographic protocol that provides secure communications over a network. As developers, we rely on TLS to secure data in transit, especially for web connections. Python's urllib3 library handles TLS connections under the hood, but which TLS versions does it actually support? Let's demystify.
urllib3 aims to support only the latest, most secure TLS versions at any given time. As of urllib3 v1.26.0, TLS v1.2 and TLS v1.3 are supported by default. Specifically:
TLSv1.3 is supported on Python 3.7+
TLSv1.2 is supported on Python 2.7.9+ and Python 3.4+
So if you're using the latest urllib3 on modern Python versions, you can rest assured TLS v1.2+ connections are handled securely.
Earlier TLS versions like v1.1 and v1.0 are explicitly not supported and could make your application vulnerable if enabled. Luckily, urllib3 does not allow negotiating these older standards:
TLSv1.1 and below are explicitly disabled
One tip is to always pin your urllib3 dependency to the latest stable version to get security fixes and support for new TLS versions as the protocol evolves.
In summary, by leveraging urllib3 you get secure TLS v1.2+ connections by default on modern Python. No extra configuration needed! But beware of enabling outdated TLS versions or not upgrading urllib3, which could open security holes. Stay safe out there!