[issue8998] add crypto routines to stdlib
report at bugs.python.org
Fri Jun 18 05:01:40 CEST 2010
Heikki Toivonen <hjtoi-bugzilla at comcast.net> added the comment:
More or less random opinions on things presented before:
* I prefer having secure defaults to over documentation, because, well, people don't read documentation.
* If not secure defaults, then pointing out in documentation the secure way AND providing examples that always show the secure way of doing things.
* I can't comment on aes 192 vs 256 as I have not really kept up with that, but it would be good to ask the opinion(s) of the real experts in this field before choosing the defaults/recommending them. Of course, if you can point to an article where the experts already voice their (recent) recommendations, fine.
* When I have thought about Python crypto in the stdlib, I've considered modeling it after hashlib, so you would get cipher = cryptolib.AES(bits=192, ...) etc. (Caveat: haven't thought it through.)
* I'd prefer if the crypto API didn't become OpenSSL specific (like the SSL one is), which would theoretically allow switching in other crypto provider(s).
* The library should make it easy to do the most common operations with as few steps as practically possible.
* It would be nice if the library could provide the means to tweak lower level things if you needed to. Unfortunately this has a tendency to get messy quick, because crypto stuff tends to have lots of options to tweak.
Python tracker <report at bugs.python.org>
More information about the Python-bugs-list