Message274788
Benjamin, what's your take on Alex's suggestion?
<Crys> gutworth: Alex_Gaynor has asked me if hashlib.scrypt() can go into 2.7, too. It's a password-based KDF like hashlib.pbkdf2() but more secure than PBKDF2. It requires OpenSSL 1.1.0.
<Alex_Gaynor> gutworth: I think it'd be good if this were approved, for the same reasons as PEP466
<Crys> contrary to PKBDF2 it doesn't make sense to have a pure-Python implementation. scrypt uses ChaCha20 cipher. I don't want to add a cipher to CPython core (possible legal issue) and it's not available in OpenSSL < 1.1.0. |
|
Date |
User |
Action |
Args |
2016-09-07 10:25:19 | christian.heimes | set | recipients:
+ christian.heimes, gregory.p.smith, benjamin.peterson, alex, python-dev, xiang.zhang |
2016-09-07 10:25:19 | christian.heimes | set | messageid: <1473243919.01.0.488242018304.issue27928@psf.upfronthosting.co.za> |
2016-09-07 10:25:18 | christian.heimes | link | issue27928 messages |
2016-09-07 10:25:18 | christian.heimes | create | |
|