Message108076
More or less random opinions on things presented before:
* I prefer having secure defaults to over documentation, because, well, people don't read documentation.
* If not secure defaults, then pointing out in documentation the secure way AND providing examples that always show the secure way of doing things.
* I can't comment on aes 192 vs 256 as I have not really kept up with that, but it would be good to ask the opinion(s) of the real experts in this field before choosing the defaults/recommending them. Of course, if you can point to an article where the experts already voice their (recent) recommendations, fine.
* When I have thought about Python crypto in the stdlib, I've considered modeling it after hashlib, so you would get cipher = cryptolib.AES(bits=192, ...) etc. (Caveat: haven't thought it through.)
* I'd prefer if the crypto API didn't become OpenSSL specific (like the SSL one is), which would theoretically allow switching in other crypto provider(s).
* The library should make it easy to do the most common operations with as few steps as practically possible.
* It would be nice if the library could provide the means to tweak lower level things if you needed to. Unfortunately this has a tendency to get messy quick, because crypto stuff tends to have lots of options to tweak. |
|
Date |
User |
Action |
Args |
2010-06-18 03:01:41 | heikki | set | recipients:
+ heikki, loewis, gregory.p.smith, exarkun, pitrou, giampaolo.rodola, gdamjan, eric.araujo, debatem1, daniel.urban, mcrute, jsamuel |
2010-06-18 03:01:40 | heikki | set | messageid: <1276830100.14.0.212836058317.issue8998@psf.upfronthosting.co.za> |
2010-06-18 03:01:38 | heikki | link | issue8998 messages |
2010-06-18 03:01:37 | heikki | create | |
|