Author rbcollins
Recipients bkabrda, christian.heimes, dholth, dmalcolm, doughellmann, jpokorny, lukecarrier, pitrou, rbcollins, rpetrov
Date 2017-01-17.00:01:33
Message-id <1484611294.43.0.117287266512.issue9216@psf.upfronthosting.co.za>
In-reply-to
Content
A few thoughts:

usedforsecurity=xxx seems awkward: I wouldn't want, as a user of hashlib, to have to put that in literally every use I make of it.

If I understand the situation correctly, the goal is for both linters, and at runtime, identification of the intended purpose of a call to md5 - e.g. whether there are security implications in its use (as far as FIPS is concerned).

Perhaps having two separate implementations of the interfaces, one general purpose and one FIPS would be decent.

e.g. from hashlib.fips import sha1 
etc
etc
and hashlib.fips simply wouldn't contain md5.

Then the md5 that's in hashlib is by definition not FIPS ready and any code using it should be fixed.
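
An added illustration, not part of the original message or of hashlib itself: a small AST check showing how a linter could identify the intended purpose of a hash call under either design discussed above, flagging constructors outside an assumed approved set unless `usedforsecurity=False` is passed. The `APPROVED` set, the function name and the sample source are assumptions constructed for this example.

```python
import ast

# Assumption: what a FIPS-only namespace would expose. The message above only
# says sha1 would be present and md5 absent; the rest is illustrative.
APPROVED = {"sha1", "sha224", "sha256", "sha384", "sha512"}

def find_unflagged_hashes(source):
    """Return sorted (lineno, name) for hashlib calls with no declared purpose."""
    tree = ast.parse(source)
    aliases = {}      # local name -> hashlib constructor it was imported from
    modules = set()   # local names bound to the hashlib module itself
    for node in ast.walk(tree):
        if isinstance(node, ast.ImportFrom) and node.module == "hashlib":
            for a in node.names:
                aliases[a.asname or a.name] = a.name
        elif isinstance(node, ast.Import):
            for a in node.names:
                if a.name == "hashlib":
                    modules.add(a.asname or a.name)
    findings = []
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call):
            continue
        func = node.func
        if (isinstance(func, ast.Attribute) and isinstance(func.value, ast.Name)
                and func.value.id in modules):
            name = func.attr
        elif isinstance(func, ast.Name) and func.id in aliases:
            name = aliases[func.id]
        else:
            continue
        # hashlib.new("md5", ...) names the algorithm in its first argument.
        if name == "new" and node.args and isinstance(node.args[0], ast.Constant):
            name = str(node.args[0].value).lower()
        declared = any(
            kw.arg == "usedforsecurity" and isinstance(kw.value, ast.Constant)
            and kw.value.value is False for kw in node.keywords)
        # Allowlist semantics: anything outside APPROVED is general purpose.
        if name not in APPROVED and not declared:
            findings.append((node.lineno, name))
    return sorted(findings)

# Constructed sample source; it is only parsed, never executed.
SAMPLE = '''import hashlib
from hashlib import md5 as fast
a = hashlib.md5(b"x")
b = hashlib.sha256(b"x")
c = fast(b"x", usedforsecurity=False)
d = hashlib.new("md5", b"x")
e = fast(b"x")
'''
```
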
History
Date User Action Args
2017-01-17 00:01:34 rbcollins set recipients: + rbcollins, pitrou, christian.heimes, rpetrov, doughellmann, dmalcolm, dholth, jpokorny, bkabrda, lukecarrier
2017-01-17 00:01:34 rbcollins set messageid: <1484611294.43.0.117287266512.issue9216@psf.upfronthosting.co.za>
2017-01-17 00:01:34 rbcollins link issue9216 messages
2017-01-17 00:01:33 rbcollins create