[Python-3000] 3.0 crypto (original) (raw)
Ivan Krstić krstic at solarsail.hcs.harvard.edu
Thu Sep 6 12:03:45 CEST 2007
- Previous message: [Python-3000] 3.0 crypto
- Next message: [Python-3000] 3.0 crypto
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sep 6, 2007, at 4:09 AM, Martin v. Löwis wrote:
There are more issues, of course: some countries restrict the use of cryptography. France is given as an example: you need to register your cryptography keys with the government (SCSSI) before you can use confidentiality-oriented algorithms, IIUC.
This gets at what most interests me -- namely, whether there's a
strong legal barrier to including more crypto with Python than just
the hashes we have at the moment. It sounds like the answer is 'yes',
but what are the details?
Why do you say that doing the work is not a problem? I see it as a major problem.
I'm willing to either do the work myself, or have someone else from
the secops team at OLPC do it.
In addition, other people also see other problems, like size of the distribution, fear of cryptography in general, and so on.
The distribution size issue can be mitigated by a reasonable choice
of supported primitives. I don't think we need to ship the crypto
kitchen sink with Python; we can disqualify known-broken algorithms
that many libraries still ship, etc.
-- Ivan Krstić <krstic at solarsail.hcs.harvard.edu> | http://radian.org
- Previous message: [Python-3000] 3.0 crypto
- Next message: [Python-3000] 3.0 crypto
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]