[Python-3000] 3.0 crypto
Gregory P. Smith
greg at krypto.org
Fri Sep 7 20:48:18 CEST 2007
On 9/6/07, Ivan Krstić <krstic at solarsail.hcs.harvard.edu> wrote:
>
> On Sep 6, 2007, at 4:09 AM, Martin v. Löwis wrote:
> > There are more issues, of course: some countries restrict the use
> > of cryptography. France is given as an example: you need to register
> > your cryptography keys with the government (SCSSI) before you can
> > use confidentiality-oriented algorithms, IIUC.
>
> This gets at what most interests me -- namely, whether there's a
> strong legal barrier to including more crypto with Python than just
> the hashes we have at the moment. It sounds like the answer is 'yes',
> but what are the details?
fwiw hashes are not cryptography.
The distribution size issue can be mitigated by a reasonable choice
> of supported primitives. I don't think we need to ship the crypto
> kitchen sink with Python; we can disqualify known-broken algorithms
> that many libraries still ship, etc.
I see nothing wrong with leaving pycrypto as an add-on library as most
things don't need it. http://www.amk.ca/python/code/crypto.
The pycrypto API is is very nice. But if we were to consider it for the
standard library I'd prefer it just link against OpenSSL rather than use its
own C implementations and just leave platforms without ssl without any
crypto.
Besides the chances are that most programmers seeing a crypto library will
misuse it and gain a false sense of security on what they've done. ;)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.python.org/pipermail/python-3000/attachments/20070907/5350ec2f/attachment.htm
More information about the Python-3000
mailing list