[Cryptography-dev] Towards a new TLS API
Glyph
glyph at twistedmatrix.com
Sat Apr 19 23:00:24 CEST 2014
On Apr 17, 2014, at 7:37 AM, Christopher Armstrong <radix at twistedmatrix.com> wrote:
> as well as some bikeshedding
Some meta-bikeshedding, then, I suppose: "bikeshedding" is, by definition, futile. Please don't encourage it.
I think you mean something more like "we need to seriously consider all possible preconceptions that our users might be approaching these libraries from, and allow for a longer-than-usual discussion of each name to ensure that it implies the correct type of object so people don't make security mistakes".
In the nuclear-power-plant metaphor, this is not "bikeshedding"; the bike shed is still equally irrelevant. This is intentionally enduring a very long and tedious discussion about the fire suppression system which would be unnecessary in a more mundane building because when a nuclear power plant catches fire it is suuuuuper important that that stuff works, and there are unusual challenges in keeping it working (like for example some plutonium at a billion degrees burning its way to the center of the earth).
In this case, of course, the fissile material is OpenSSL.
-glyph
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/cryptography-dev/attachments/20140419/5c834fab/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4124 bytes
Desc: not available
URL: <http://mail.python.org/pipermail/cryptography-dev/attachments/20140419/5c834fab/attachment.bin>
More information about the Cryptography-dev
mailing list