diff --git a/library/ssl.po b/library/ssl.po index 7757856261..845b55ae3a 100644 --- a/library/ssl.po +++ b/library/ssl.po @@ -143,23 +143,32 @@ msgid "" "returns a new context with secure default settings." msgstr "" ":class:`SSLSocket` 實例必須使用 :meth:`SSLContext.wrap_socket` 方法來建立。輔" -"助函式 :func:`create_default_context` 會回傳有安全預設設定的新內容。" +"助函式 :func:`create_default_context` 會回傳有安全預設設定的新語境 (context)。" #: ../../library/ssl.rst:82 msgid "Client socket example with default context and IPv4/IPv6 dual stack::" msgstr "" +"使用預設語境及 IPv4/IPv6 雙協定堆疊的客戶端 socket 範例:\n" +"\n" +"::" #: ../../library/ssl.rst:95 msgid "Client socket example with custom context and IPv4::" msgstr "" +"使用自訂語境及 IPv4 的客戶端 socket範例:\n" +"\n" +"::" #: ../../library/ssl.rst:107 msgid "Server socket example listening on localhost IPv4::" msgstr "" +"在本地 IPv4 上監聽伺服器 socket 的範例:\n" +"\n" +"::" #: ../../library/ssl.rst:121 msgid "Context creation" -msgstr "" +msgstr "語境建立" #: ../../library/ssl.rst:123 msgid "" @@ -174,6 +183,8 @@ msgid "" "represent a higher security level than when calling the :class:`SSLContext` " "constructor directly." msgstr "" +"回傳一個新的 :class:`SSLContext` 物件,使用給定 *purpose* 的預設值。這些設定" +"是由 :mod:`ssl` 選擇,通常比直接使用 :class:`SSLContext` 有更高的安全性。" #: ../../library/ssl.rst:133 msgid "" @@ -182,6 +193,9 @@ msgid "" "If all three are :const:`None`, this function can choose to trust the " "system's default CA certificates instead." msgstr "" +"*cafile*, *capath*, *cadata* 是用來選擇用於憑證認證的 CA 憑證,就像 :meth:" +"`SSLContext.load_verify_locations` 一樣。如果三個值都是 :const:`None`,此函式" +"會自動選擇系統預設的 CA 憑證。" #: ../../library/ssl.rst:139 msgid "" @@ -194,6 +208,13 @@ msgid "" "or uses :meth:`SSLContext.load_default_certs` to load default CA " "certificates." msgstr "" +"這些設定包含::data:`PROTOCOL_TLS_CLIENT` 或 :data:`PROTOCOL_TLS_SERVER`、:" +"data:`OP_NO_SSLv2`、以及 :data:`OP_NO_SSLv3`,使用高加密密碼套件但不包含 " +"RC4 和未經身份驗證的密碼套件。如果將 *purpose* 設定為 :const:`~Purpose." +"SERVER_AUTH`,則會把 :data:`~SSLContext.verify_mode` 設為 :data:" +"`CERT_REQUIRED` 並使用設定的 CA 憑證(當 *cafile*、*capath* 或 *cadata* 其中" +"一個值有被設定時) 或使用預設的 CA 憑證 :meth:`SSLContext." +"load_default_certs` 。" #: ../../library/ssl.rst:148 msgid "" @@ -201,6 +222,8 @@ msgid "" "variable :envvar:`SSLKEYLOGFILE` is set, :func:`create_default_context` " "enables key logging." msgstr "" +"當系統有支援 :attr:`~SSLContext.keylog_filename` 並且有設定環境變數 :envvar:" +"`SSLKEYLOGFILE` 時 :func:`create_default_context` 會啟用密鑰日誌記錄 (logging)。" #: ../../library/ssl.rst:153 msgid "" @@ -208,12 +231,16 @@ msgid "" "restrictive values anytime without prior deprecation. The values represent " "a fair balance between compatibility and security." msgstr "" +"協定、選項、密碼和其它設定可以在不捨棄舊值的情況下直接更改成新的值,這些值代" +"表了在相容性和安全性之間取得的合理平衡。" #: ../../library/ssl.rst:157 msgid "" "If your application needs specific settings, you should create a :class:" "`SSLContext` and apply the settings yourself." msgstr "" +"如果你的應用程式需要特殊的設定,你應該要自行建立一個 :class:`SSLContext` 並自" +"行調整設定。" #: ../../library/ssl.rst:161 msgid "" @@ -225,28 +252,37 @@ msgid "" "org/wiki/POODLE>`_. If you still wish to continue to use this function but " "still allow SSL 3.0 connections you can re-enable them using::" msgstr "" +"如果您發現某些舊的客戶端或伺服器常適用此函式建立的 :class:`SSLContext` 連線" +"時,收到 \"Protocol or cipher suite mismatch\" 錯誤,這可能是因為他們的系統僅" +"支援 SSL3.0,然而 SSL3.0 已被此函式用 :data:`OP_NO_SSLv3` 排除。目前廣泛認為 " +"SSL3.0 已經\\ `被完全破解 `_。如果您仍" +"然希望在允許 SSL3.0 連線的情況下使用此函式,可以使用下面的方法:\n" +"\n" +"::" #: ../../library/ssl.rst:177 msgid "RC4 was dropped from the default cipher string." -msgstr "" +msgstr "把 RC4 從預設密碼中捨棄。" #: ../../library/ssl.rst:181 msgid "ChaCha20/Poly1305 was added to the default cipher string." -msgstr "" +msgstr "把 ChaCha20/Poly1305 加入預設密碼。" #: ../../library/ssl.rst:183 msgid "3DES was dropped from the default cipher string." -msgstr "" +msgstr "把 3DES 從預設密碼中捨棄。" #: ../../library/ssl.rst:187 msgid "Support for key logging to :envvar:`SSLKEYLOGFILE` was added." -msgstr "" +msgstr "增加了 :envvar:`SSLKEYLOGFILE` 對密鑰記錄 (logging)的支持。" #: ../../library/ssl.rst:191 msgid "" "The context now uses :data:`PROTOCOL_TLS_CLIENT` or :data:" "`PROTOCOL_TLS_SERVER` protocol instead of generic :data:`PROTOCOL_TLS`." msgstr "" +"當前語境使用 :data:`PROTOCOL_TLS_CLIENT` 協定或 :data:`PROTOCOL_TLS_SERVER` " +"協定而非通用的 :data:`PROTOCOL_TLS`。" #: ../../library/ssl.rst:197 msgid "Exceptions"