# SSL 101

The following SSL protocols are considered insecure. 

* `PROTCOL_SSLv3` 
* `PROTOCOL_SSLv2` 
* `PROTOCOL_TLSv1` 
* `PROTOCOL_TLSv1_1` 

## Fixes

* Use `ssl.create_default_context()` instead of trying to do this yourself
* Do not use version specifiers, use `PROTOCOL_TLS` with options disallowing the bad protocols

## See Also

* http://heartbleed.com/
* http://poodlebleed.com/
* https://www.openssl.org/~bodo/ssl-poodle.pdf
* https://docs.python.org/3/library/ssl.html#ssl-security