Message 108082 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	pitrou
Recipients	daniel.urban, debatem1, eric.araujo, exarkun, gdamjan, giampaolo.rodola, gregory.p.smith, heikki, jsamuel, loewis, mcrute, pitrou
Date	2010-06-18.07:09:02
SpamBayes Score	0.0010652425
Marked as misclassified	No
Message-id	<1276844940.3338.11.camel@localhost.localdomain>
In-reply-to	<AANLkTimiwnwxDtcUddKfWClCX7AFuzE4eUuBhIXRgLGE@mail.gmail.com>

Content
Le vendredi 18 juin 2010 à 06:46 +0000, geremy condra a écrit : > geremy condra <debatem1@gmail.com> added the comment: > > On Fri, Jun 18, 2010 at 2:39 AM, Daniel Urban <report@bugs.python.org> wrote: > > > > Daniel Urban <urban.dani+py@gmail.com> added the comment: > > > >> * When I have thought about Python crypto in the stdlib, I've considered modeling it after hashlib, so you would get cipher = cryptolib.AES(bits=192, ...) etc. (Caveat: haven't thought it through.) > > > > I think there is a relevant PEP: PEP 272 -- API for Block Encryption Algorithms v1.0 (http://www.python.org/dev/peps/pep-0272/ ) > > It describes an API somewhat similar to hashlib. > > Again, I'm not entirely opposed to this, but I think it represents a > lower-level API than most developers can really be safely trusted to > handle. If there is a contention or disagreement between different API styles, it may be wise to seek opinions on python-dev or python-ideas. I'd point out that the "ssl" module itself seems to have evolved from a trivial wrapper API (in the 2.5 docs I can only find a single 3-parameter function, socket.ssl()) to a more comprehensive API in 3.2, because people ultimately need the functionalities. (and yet the ssl API in 3.2 is still much less featureful than M2Crypto or pyOpenSSL are)

Le vendredi 18 juin 2010 à 06:46 +0000, geremy condra a écrit :
> geremy condra <debatem1@gmail.com> added the comment:
> 
> On Fri, Jun 18, 2010 at 2:39 AM, Daniel Urban <report@bugs.python.org> wrote:
> >
> > Daniel Urban <urban.dani+py@gmail.com> added the comment:
> >
> >>  * When I have thought about Python crypto in the stdlib, I've considered modeling it after hashlib, so you would get cipher = cryptolib.AES(bits=192, ...) etc. (Caveat: haven't thought it through.)
> >
> > I think there is a relevant PEP: PEP 272 -- API for Block Encryption Algorithms v1.0 (http://www.python.org/dev/peps/pep-0272/ )
> > It describes an API somewhat similar to hashlib.
> 
> Again, I'm not entirely opposed to this, but I think it represents a
> lower-level API than most developers can really be safely trusted to
> handle.

If there is a contention or disagreement between different API styles,
it may be wise to seek opinions on python-dev or python-ideas.

I'd point out that the "ssl" module itself seems to have evolved from a
trivial wrapper API (in the 2.5 docs I can only find a single
3-parameter function, socket.ssl()) to a more comprehensive API in 3.2,
because people ultimately need the functionalities.
(and yet the ssl API in 3.2 is still much less featureful than M2Crypto
or pyOpenSSL are)

History
Date	User	Action	Args
2010-06-18 07:09:04	pitrou	set	recipients: + pitrou, loewis, gregory.p.smith, exarkun, giampaolo.rodola, gdamjan, heikki, eric.araujo, debatem1, daniel.urban, mcrute, jsamuel
2010-06-18 07:09:03	pitrou	link	issue8998 messages
2010-06-18 07:09:02	pitrou	create