[Python-3000] 3.0 crypto (original) (raw)
"Martin v. Löwis" martin at v.loewis.de
Thu Sep 6 12🔞54 CEST 2007
- Previous message: [Python-3000] 3.0 crypto
- Next message: [Python-3000] 3.0 crypto
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This gets at what most interests me -- namely, whether there's a strong legal barrier to including more crypto with Python than just the hashes we have at the moment. It sounds like the answer is 'yes', but what are the details?
The export permission allows for exporting "mass-market" software; anything you can come up with likely classifies. We need to report precisely what is included (i.e. what files contain the crypto code). So with any release that adds new crypto features, a new report to BXA would formally be necessary.
Why do you say that doing the work is not a problem? I see it as a major problem. I'm willing to either do the work myself, or have someone else from the secops team at OLPC do it.
It's not something that a single person can well do. You will also need to design APIs, and that traditionally involves the community. If you create something ad-hoc, I would request that this first gets field-proven for a few years before being included in the standard distribution. Then, it would face competition to existing such solutions.
The distribution size issue can be mitigated by a reasonable choice of supported primitives. I don't think we need to ship the crypto kitchen sink with Python; we can disqualify known-broken algorithms that many libraries still ship, etc.
Sounds like a PEP topic.
Regards, Martin
- Previous message: [Python-3000] 3.0 crypto
- Next message: [Python-3000] 3.0 crypto
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]