Message162949
Wow, that escalated quickly. :-)
Nick, thanks for keeping things focused and on track.
To recap, the primary motivation here is two-fold. First, folks are using == pretty frequently in an unsafe manner when comparing digests, signatures, and other fixed-length strings. This is not good. Second, as we've seen in this thread and elsewhere, getting this right is not easy. Which is the exact reason it belongs in python's stdlib, so that folks do not try to implement it themselves incorrectly.
And again, preventing the leakage of the length of the inputs is not an intended goal here for this use case. It'd be best to keep things as simple as possible while achieving the desired security objective. |
|
Date |
User |
Action |
Args |
2012-06-16 03:05:32 | Jon.Oberheide | set | recipients:
+ Jon.Oberheide, loewis, ncoghlan, pitrou, christian.heimes, fijall, python-dev, petri.lehtinen, hynek |
2012-06-16 03:05:32 | Jon.Oberheide | set | messageid: <1339815932.05.0.807427233052.issue15061@psf.upfronthosting.co.za> |
2012-06-16 03:05:31 | Jon.Oberheide | link | issue15061 messages |
2012-06-16 03:05:30 | Jon.Oberheide | create | |
|