This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author christian.heimes
Recipients alex, benjamin.peterson, christian.heimes, gregory.p.smith, python-dev, xiang.zhang
Date 2016-09-07.10:25:18
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
Benjamin, what's your take on Alex's suggestion?

<Crys> gutworth: Alex_Gaynor has asked me if hashlib.scrypt() can go into 2.7, too. It's a password-based KDF like hashlib.pbkdf2() but more secure than PBKDF2. It requires OpenSSL 1.1.0.
<Alex_Gaynor> gutworth: I think it'd be good if this were approved, for the same reasons as PEP466
<Crys> contrary to PKBDF2 it doesn't make sense to have a pure-Python implementation. scrypt uses ChaCha20 cipher. I don't want to add a cipher to CPython core (possible legal issue) and it's not available in OpenSSL < 1.1.0.
Date User Action Args
2016-09-07 10:25:19christian.heimessetrecipients: + christian.heimes, gregory.p.smith, benjamin.peterson, alex, python-dev, xiang.zhang
2016-09-07 10:25:19christian.heimessetmessageid: <>
2016-09-07 10:25:18christian.heimeslinkissue27928 messages
2016-09-07 10:25:18christian.heimescreate