What's so funny? WAS Re: rotor replacement

[Skip Montanaro]

    Nick> I think one of the special things about Python is its batteries
    Nick> included approach, and a crypto library would seem to be an
    Nick> obvious battery to install since it doesn't (or needn't) depend on
    Nick> any other library or application.

Obvious for some I suppose (I've never used any).  While it might be
convenient to not have to distribute some third party library in addition to
Python, there is a fundamental problem implementing a crypto algorithm from
scratch for inclusion into Python.  There is always the problem that the new
code has to be more rigorously tested than typical code and new bugs means a
new distribution of Python, not just a replacement library.  A bug in code
that is not security-related generally means something doesn't work and only
rarely means a security hole has been opened on the computer.  A bug in
security-related code more often means the latter as well.  I'd much rather
trust a widely-disseminated piece of crypto code that is simply wrapped by
Python than one that was written expressly written for Python (and that will
likely not be exercised much outside the Python community).

I realize the sha module is incorporated this way.  It has this comment:

 * This code for the SHA algorithm was noted as public domain. The original
 * headers are pasted below.
 *
 * Several changes have been made to make it more compatible with the
 * Python environment and desired interface.

While I imagine the changes were fairly small, the guys involved are all
very smart, and the code is fairly straightforward (little, if any, memory
allocation going on), there is still the possibility that a bug lurks in
either the incorporated code or in the changes to it.  How quickly could the
Python community respond if a bug was found and fixed in the public domain
SHA code?  How much harder would it be for people to adapt if they had to
reinstall Python instead of just an external library?

Skip