Is Python suitable for a huge, enterprise size app?

[Paul Rubin]

Dave Brueck <dave at pythonapocrypha.com> writes:
> >>m2crypto (plus some patches to make asynchronous SSL do what we needed).
> > That seems to be a nice piece of code, but it's still at version
> > 0.13;
> 
> Version numbers are fairly relative, though. In another project we're
> using some proprietary, closed source libraries (unrelated to crypto)
> that are version 3 and they seem buggier and less stable than m2crypto.

Yeah, OpenSSL itself is something like 0.97, which however does sound
closer to a final release than 0.13 of anything.

> Having said that - I think we probably *would* use it for production
> financial transactions - but that's more a matter of closed vs. open
> source than Python vs not.

That makes some sense; once you have the code in-house and the
expertise to evaluate it and maintain it, it's at least no worse than
something you wrote yourself.  If you just downloaded it and plopped
it into your application with your eyes closed, that might be asking
for trouble.

> > There's also been some traffic on the
> > python-crypto list about Zope encountering memory leaks with it.
> 
> Ok... so? I mean, if there's a memory leak, and it's hurting us, we
> have options: ...

I just mean the memory leak is a symptom that the software isn't yet
completely debugged.

> Memory leaks aren't exactly unique to Python - according to
> bugs.sun.com, there are currently 382 *open* bugs related to memory
> leaks in the JDK alone. 

Are any of those memory leaks in JSSE?  It's one thing to have a
problem in some noncritical GUI widget, another to have it in the
crypto code.