Message 108094 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	pitrou
Recipients	daniel.urban, debatem1, eric.araujo, exarkun, gdamjan, giampaolo.rodola, gregory.p.smith, heikki, jsamuel, loewis, mcrute, pitrou
Date	2010-06-18.10:05:17
SpamBayes Score	5.603309e-05
Marked as misclassified	No
Message-id	<1276855514.3338.26.camel@localhost.localdomain>
In-reply-to	<AANLkTilOF8lK7n-Cj2_pZc74d62OijavVWbx2vuZe3oY@mail.gmail.com>

Content
> Great, I'm thinking more-or-less the API proposed in PEP 272- the > exception I'm thinking of is that 'strings' should be substituted for > 'bytes'- for AES and DES. It gets trickier when talking about public > key crypto, though. Perhaps something along the lines of > RSA.new(public_key=None, private_key=None,...), with the resulting > object supporting encrypt/decrypt/sign/verify operations? I don't have any opinion right now. I think a concrete proposal should be initiated and we can iterate from that. (that's assuming other people agree on the principle, of course) > If we're likely to have openssl taken out from under us it could save > us a lot of hassle to plan for that up front. It doesn't seem very likely in the middle term. In particular, the ssl module itself is quite tied to OpenSSL's socket wrapping semantics (including error codes and non-blocking behaviour), so OpenSSL will probably still be required for SSL sockets.

> Great, I'm thinking more-or-less the API proposed in PEP 272- the
> exception I'm thinking of is that 'strings' should be substituted for
> 'bytes'- for AES and DES. It gets trickier when talking about public
> key crypto, though. Perhaps something along the lines of
> RSA.new(public_key=None, private_key=None,...), with the resulting
> object supporting encrypt/decrypt/sign/verify operations?

I don't have any opinion right now. I think a concrete proposal should
be initiated and we can iterate from that.
(that's assuming other people agree on the principle, of course)

> If we're likely to have openssl taken out from under us it could save
> us a lot of hassle to plan for that up front.

It doesn't seem very likely in the middle term. In particular, the ssl
module itself is quite tied to OpenSSL's socket wrapping semantics
(including error codes and non-blocking behaviour), so OpenSSL will
probably still be required for SSL sockets.

History
Date	User	Action	Args
2010-06-18 10:05:20	pitrou	set	recipients: + pitrou, loewis, gregory.p.smith, exarkun, giampaolo.rodola, gdamjan, heikki, eric.araujo, debatem1, daniel.urban, mcrute, jsamuel
2010-06-18 10:05:18	pitrou	link	issue8998 messages
2010-06-18 10:05:17	pitrou	create