[Python-Dev] Cryptographic stuff for 2.3 (original) (raw)

"Martin v. L�wis" martin@v.loewis.de
Fri, 25 Apr 2003 09:01:18 +0200

M.-A. Lemburg wrote:

That's really optimistic. Every CD vendor, mirror site, etc. in the world hosting the Python distribution would have to go through the business of evaluating whether it's legal to distribute Python or not in their particular case.

Every CD vendor, mirror site, etc. would have to perform a risk analysis, yes. That goes beyond analysing the legal status only - people will usually also take into account what the risk of prosecution is. They already do that for all other software they distribute, and apparently come to the conclusion that the risk of being prosecuted is nearly zero.

Crypto is just too much (legal) work if you're serious about it.

So then you would advise to remove the OpenSSL support from the Windows distribution, and from Python altogether?

Because if not, why would it be bad to add more cryptographic packages to the standard Python distribution? Either you violate some law in some country already by distributing Python from A to B, or you don't. Adding another package doesn't change anything here.

I also don't really see a problem here: there are plenty good crypto packages out there ready to be used.

And it may be indeed the case that authors of such package fear the loss of reputation if competing packages were included into the Python distribution :-(

Regards, Martin