add recap and refs

rohttptls.py

@@ -246,8 +246,8 @@ def tls_server_handler():
     ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
 
     # Remember what i said about best default and not shooting
-    # ourselves in the foot. Well Firefox, does a stupid thing
+    # ourselves in the foot. Well Firefox/Gevent/Python, does a stupid thing
-    # during TLS handshake and declares it supports. SSLv3
+    # during TLS handshake one  and declares it supports. SSLv3
     # Which has been considered hopelessly broken since 2014.
     # Mozilla's own security people even said so at the time.
     # See References. Anyway Setting the minimum and maximum
@@ -360,18 +360,19 @@ else:
     daemon_main()
 
 
-# To recap we just did a bunch of work, for no user visible change
+# Now for the recap, today we learned how TLS works from the server's
-# This is not a bad thing, often the first drafts of programs.
+# Perspective. We learned that python has secure defaults and you
-# Will fit the requirements of the moment. But when the requirements
+# should use them unless there's a problem.
-# change the program must be adapted to fit.
+
-# This process of iteration and redesign,
+# We also learned that firefox may have a problem, and being explicit
-# is called "paying down technical debt", and it should be done whenever
+# about the TLS versions we support fixed that issue.
-# possible.
+
-#
+# This problem is more likely a bug in gevent, if I had to guess
-# And we've just moved up to the second level of the 7 story mountain
+
-# Yay us.
+# Stay tuned for Part 6 where we will, finally break up
-#
+# with Rick Astley.
+# Cheers
+
 # References
-# Robustness Principal (Devopedia): https://devopedia.org/postel-s-law
+# Python's SSL Module docs: https://docs.python.org/3/library/ssl.html#ssl.create_default_context
-# IETF RFC 9112 HTTP/1.1 https://datatracker.ietf.org/doc/html/rfc9112
+# End of SSLv3: https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/
-#