[Python-Dev] openSSL and windows binaries - license
Gregory P. Smith
greg at electricrain.com
Wed Aug 9 09:56:21 CEST 2006
> Strictly speaking, it is dropping a feature: a connection that can get
> established with 2.5b3 might not get established with 2.5c1, assuming
> a server that requires some IDEA-based cipher.
>
> > (any sane SSL connection will negotiate AES or 3DES
> > as its cipher; IDEA isn't required)
>
> Ok, I'll believe you that there isn't a practical risk associated with
> dropping that algorithm; I'll see what I can do.
yep. nothing uses it. Plus the RFC for TLS (SSL) lists the minimum
supported cipher that all implementations need as 3DES.
> > yeah i'd just do that if you're worried about the code being in the
> > binary causing a problem.
>
> See, my own worries come from the "if". Should I risk breaking
> somebody's application just because somebody else is worried about
> breaking patents? You haven't indicated whether you also worry:
> do you?
I'm not worried about breaking applications at all in this case. Many
linux distributions ship with their OpenSSL (used by pretty much all
software on the system including python) without IDEA support.
-greg
More information about the Python-Dev
mailing list