[PYTHON-CRYPTO] Requirements

PC Drew drewpc at COLORADO.EDU
Tue Feb 13 04:37:29 CET 2001 

--On Monday, February 12, 2001 10:32 PM -0500 Rich Salz
<rsalz at CAVEOSYSTEMS.COM> wrote:

>> I'm not sure how I feel about this.  I think this could be really
>> useful, but also really complex.
>
> I'm repeating myself. :)  It is not all that complex, and PyXML has done
> it.  I agree with Michael that this must be a "Day One" requirement.
>

alright, I'm fine with that!

>> > * The above implies the need for unique identifiers for algorithms,
>> > protocols and vendors throughout the whole class API.
>
> Well, we already have OID's for algorithms, and mechanisms.
>
>> > * At least in debug mode an exception should be raised if the
>> > application passes wrong types of parameters to class methods of the
>> > API.
>> I think this should be done all of the time, not just in debug mode.
>> I'm curious, why do you say "at least in debug mode"?  Is there an
>> example that you have in mind where you wouldn't want to know this
>> information?
>
> Sure.  Once my code is written I do not want to pay the overhead of
> run-time typechecking.
>

good point.  Are you talking like a "if DEBUG:" type thing?  If so, would
it be okay to set DEBUG = true by default so that people have to
consciously turn it off, knowing full well that it will not check for
certain things?

>> * Handle key exchanges and have a key "ring" that is available to all of
>> the algorithms.
>
> Keyring is an interesting idea.  I'm not sure how important it is for
> the first release. On the other hand, doing it right will overlap other
> areas, particularly if you want to implement it on top of PKCS#11,
> CryptoAPI, etc.

I agree that it's not important for the first release.  I think it would be
nice later on though.

>
>>  The key "ring" would be a seperate module that checks to make sure file
>>  permissions are "secure" and reads and writes keys.
>
> I'm not sure about this.  How are the keys protected?  On a windows
> platform, for example?
>

How are they protected right now on windows?  I dunno!

--
PC Drew

  Be nice or I'll replace you with a very
  small shell script.

More information about the python-crypto mailing list