[Python-3000] 3.0 crypto (was: Re: Solaris support in 3.0?)

[Guido van Rossum]

On 9/11/07, Ivan Krstić <krstic at solarsail.hcs.harvard.edu> wrote:
> On Sep 6, 2007, at 10:54 AM, Guido van Rossum wrote:
> > I'm not sure what you meant with "doing the work isn't a problem". Are
> > you volunteering? I think we need someone who understands the red tape
> > situation most of all. Hopefully I'm worried for nothing.
>
> I'm trying to feel out whether there's strong opposition to shipping
> a good set of built-in crypto operations with Python, and in a way
> that doesn't depend on external libraries.
>
> There are three reasons for opposition that I could imagine:
>
> - legal, in that there's uncertainty about what we can or can't ship.
> I can very likely get the appropriate assistance here to clarify the
> situation.

I think you will have to start here.

> - technical, in that no one has been willing to do the work of
> providing such a set of crypto ops, and/or of writing a PEP for them.

Well, most people in need of crypto with Python can find what they
want as 3rd party code (whether using openssl or not). That these
haven't been integrated with Python is often more a matter of
different project management styles than a philosophical disagreement.
E.g. code that gets significant updates twice a year isn't ready for
inclusion into Python, which only releases new features every 18-24
months.

> - philosophical, in that folks think crypto shouldn't come bundled
> with the language.

I don't think so, though the release managers might disagree. The PR
disaster if a bug in the crypto code were to require shipment of
updates could be significant.

> I'm volunteering to tackle the first two, assuming those are the
> actual problems. Are they?

Why write something new instead of integrating existing code?

What's wrong with openssl?

-- 
--Guido van Rossum (home page: http://www.python.org/~guido/)