[Python-Dev] Python and SSL

M.-A. Lemburg mal@lemburg.com
Wed, 11 Jul 2001 15:33:21 +0200 

"Martin Sjögren" wrote:
> 
> Hello
> 
> I'm currently in the process of developing a basic OpenSSL module for
> Python. Before you say antyhing, yes I know about M2Crypto and its SSL
> support, but for a number of reasons, it doesn't fulfill our needs.

Note that there's also amkCrypto (the successor of mxCrypto which
is a wrapper of the low-level blazing fast tools in OpenSSL):

	http://www.amk.ca/python/code/crypto.html
 
> We found the SSL support in Python to be insufficient (nonexistent :-))
> for our needs.  We thus decided to write our own module.
> 
> The module is faaaar from complete as an interface to the general
> cryptographic functionality of OpenSSl, but it does have basic SSL
> support, including authorization using certificates, PRNG seeding
> functions and an error handling system.

There is some support in the socket module for dealing HTTPS.
Which level of OpenSSL are you focussing (ciphers, certificates
or protocol) ?
 
> Since we are using Python extensively and don't have to pay for it, we
> would like to reply in kind and offer the module back to the Python
> project.
> 
> (This is, in case you're missing it, a hint that now that security is
> the hot subject it is, it's silly for an otherwise so complete language to
> lack SSL support ;-))
>
> The whole kit (including some documentation) can be found here:
> http://www.strakt.com/~martin/pyOpenSSL.tar.gz
> 
> My question is... What do I do now? Where to proceed?

Since the module is "far from complete", I'd suggest to put the project
up on the web somewhere to let it mature. 

I am not sure whether it's a good idea to put
crypto code into the standard Python distribution due to the issues
involved in this (import/export restrictions, etc.), but
perhaps we could open up the Python core a bit for these
"extra" utilities and make them available as separate download
alongside the standard ones.
 
> Please CC me replies, since I'm (of course) not on the list.

-- 
Marc-Andre Lemburg
CEO eGenix.com Software GmbH
______________________________________________________________________
Consulting & Company:                           http://www.egenix.com/
Python Software:                        http://www.lemburg.com/python/