From donald at stufft.io Tue Jul 30 01:27:17 2013 From: donald at stufft.io (Donald Stufft) Date: Mon, 29 Jul 2013 19:27:17 -0400 Subject: [Cryptography-dev] Desired API Message-ID: So now that this mailing list is a thing, let's have a discussion! What do we want the desired API to look like? Probably exposing both low and high level (starting with low)? How should we properly separate the two API's in the code in order to have a clear delineation between the two target audiences. I dunno I'm just spit balling to get things started :) ----------------- Donald Stufft PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 841 bytes Desc: Message signed with OpenPGP using GPGMail URL: From alex.gaynor at gmail.com Tue Jul 30 02:13:47 2013 From: alex.gaynor at gmail.com (Alex Gaynor) Date: Mon, 29 Jul 2013 17:13:47 -0700 Subject: [Cryptography-dev] Desired API In-Reply-To: References: Message-ID: So my idea is that we have something like: cryptography.c -> contains all teh cffi crap cryptography.primitives.* -> contains low level algorithms for example: cryptography.primtives.encryption.aes -> implementation of AES cryptography.* -> contains high level recipes, for example: cryptography.encryption: contains a thing which takes an encryption algorithm and a hasher and and does the right thing. What do people think? Alex On Mon, Jul 29, 2013 at 4:27 PM, Donald Stufft wrote: > So now that this mailing list is a thing, let's have a discussion! > > What do we want the desired API to look like? Probably exposing > both low and high level (starting with low)? How should we > properly separate the two API's in the code in order to have a > clear delineation between the two target audiences. > > I dunno I'm just spit balling to get things started :) > > ----------------- > Donald Stufft > PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 > DCFA > > > _______________________________________________ > Cryptography-dev mailing list > Cryptography-dev at python.org > http://mail.python.org/mailman/listinfo/cryptography-dev > > -- "I disapprove of what you say, but I will defend to the death your right to say it." -- Evelyn Beatrice Hall (summarizing Voltaire) "The people's good is the highest law." -- Cicero GPG Key fingerprint: 125F 5C67 DFE9 4084 -------------- next part -------------- An HTML attachment was scrubbed... URL: From donald at stufft.io Tue Jul 30 02:14:20 2013 From: donald at stufft.io (Donald Stufft) Date: Mon, 29 Jul 2013 20:14:20 -0400 Subject: [Cryptography-dev] Desired API In-Reply-To: References:

Message-ID: <1C998154-8423-49E9-A210-494BEE1D9261@stufft.io> On Jul 29, 2013, at 8:13 PM, Alex Gaynor wrote: > So my idea is that we have something like: > > cryptography.c -> contains all teh cffi crap > cryptography.primitives.* -> contains low level algorithms for example: > cryptography.primtives.encryption.aes -> implementation of AES > cryptography.* -> contains high level recipes, for example: > cryptography.encryption: contains a thing which takes an encryption algorithm and a hasher and and does the right thing. > This looks reasonable to me. ----------------- Donald Stufft PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 841 bytes Desc: Message signed with OpenPGP using GPGMail URL: From jean-paul at hybrid-cluster.com Tue Jul 30 02:43:11 2013 From: jean-paul at hybrid-cluster.com (Jean-Paul Calderone) Date: Mon, 29 Jul 2013 20:43:11 -0400 Subject: [Cryptography-dev] Desired API In-Reply-To: References:

Message-ID: <51F70C1F.80306@hybrid-cluster.com> On 07/29/2013 08:13 PM, Alex Gaynor wrote: > So my idea is that we have something like: > > cryptography.c -> contains all teh cffi crap > cryptography.primitives.* -> contains low level algorithms for example: > cryptography.primtives.encryption.aes -> implementation of AES > cryptography.* -> contains high level recipes, for example: > cryptography.encryption: contains a thing which takes an encryption > algorithm and a hasher and and does the right thing. > > What do people think? > I'm sure that would work. Please don't count this email as a -anything. However, `cryptography.encryption? next to `cryptography.primitives.encryption? seems like it's asking for trouble. If `cryptography.primitives? is for things like AES, then how about `cryptography.primitives.cipher? instead? Or perhaps even better, `cryptography.cipher?. Also, make sure to pick a convention for singular vs plural. is it `primitives? or `primitive?? `cipher? or `ciphers?? Neither is better, but mixing them is bad. Should there be more of an outline for the scope of the project? That might guide some of the package organization as well. I know that some discussion happened, it might be good to record the outcome somewhere. Jean-Paul -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 900 bytes Desc: OpenPGP digital signature URL: From alex.gaynor at gmail.com Tue Jul 30 18:48:02 2013 From: alex.gaynor at gmail.com (Alex Gaynor) Date: Tue, 30 Jul 2013 09:48:02 -0700 Subject: [Cryptography-dev] Desired API In-Reply-To: <51F70C1F.80306@hybrid-cluster.com> References:

<51F70C1F.80306@hybrid-cluster.com> Message-ID: On Mon, Jul 29, 2013 at 5:43 PM, Jean-Paul Calderone < jean-paul at hybrid-cluster.com> wrote: > On 07/29/2013 08:13 PM, Alex Gaynor wrote: > > So my idea is that we have something like: > > cryptography.c -> contains all teh cffi crap > cryptography.primitives.* -> contains low level algorithms for example: > cryptography.primtives.encryption.aes -> implementation of AES > cryptography.* -> contains high level recipes, for example: > cryptography.encryption: contains a thing which takes an encryption > algorithm and a hasher and and does the right thing. > > What do people think? > > I'm sure that would work. Please don't count this email as a -anything. > > However, `cryptography.encryption? next to > `cryptography.primitives.encryption? seems like it's asking for trouble. > If `cryptography.primitives? is for things like AES, then how about > `cryptography.primitives.cipher? instead? Or perhaps even better, > `cryptography.cipher?. > > cryptography.primitives.aes and cryptography.ciphers how about? primitives are written in terms of their algorithm (and maybe grouped by topic?), recipe things are written in terms of broader descriptors/purpose. > Also, make sure to pick a convention for singular vs plural. is it > `primitives? or `primitive?? `cipher? or `ciphers?? Neither is better, > but mixing them is bad. > > Should there be more of an outline for the scope of the project? That > might guide some of the package organization as well. I know that some > discussion happened, it might be good to record the outcome somewhere. > > Jean-Paul > > > _______________________________________________ > Cryptography-dev mailing list > Cryptography-dev at python.org > http://mail.python.org/mailman/listinfo/cryptography-dev > > So the outline I think we agreed on was: Start by getting the C infrastructure in place and exposing primitives, eventually expose higher level recipes. Alex -- "I disapprove of what you say, but I will defend to the death your right to say it." -- Evelyn Beatrice Hall (summarizing Voltaire) "The people's good is the highest law." -- Cicero GPG Key fingerprint: 125F 5C67 DFE9 4084 -------------- next part -------------- An HTML attachment was scrubbed... URL: