[Python-Dev] Future of SSL

[Thomas Wouters]

On Sun, Oct 28, 2001 at 07:20:30AM -0500, Guido van Rossum wrote:

> PS.  One issue with adding more crypto to Python could be US export
> issues.  It's possible that new export limitations for crypto software
> are made law by a congress that doesn't understand the issues, and
> then the US Python distribution could be in trouble (even though our
> site in the the Netherlands, we build the distributions here in the
> US).  Back at CNRI, we couldn't release the SSL wrappers, which don't
> contain any crypto code but enable linking with it, before an
> extensive and expensive legal review, and then we had to wait until
> after a certain date, at which some of the crypto export restrictions
> were lifted.

Sorry for this fairly late response, but I've been slacking the python-dev
mailbox for half a month (I just finished reading just over 600 mails, and
boy, are my arms tired.)

If we are really worried about having the SSL configure checks, let alone
SSL hooks, we could minimize even that by providing a 'crypto' package that
_replaces_ socket.py with one with SSL support. socket.py is a small dinky
thing, after all, that imports most stuff from _socketmodule.so. The actual
code would live in a separate module, and the entire thing could easily be
made a separate patch -- so that if the US government goes medieval on us,
we can easily seperate the SSL part from the main tarball and place it on
www.python.org by itself. A burden, but less so than having five developers
in prison ;-)

On the other hand, I would much prefer an 'ssl' module with an interface
similar to the socket module, and to hell with backward compatibility :) And
I'm also curious what effect the recent court ruling regarding the DeCSS
distribution will have; from what I read, it states that source code is a
form of expression and thus falls under the first amendment of the American
constitution. It goes on to say that

"""Indeed, the [US] Supreme Court has never upheld a prior restraint [on
pure speech], even faced with the competing interest of national security or
the Sixth Amendment right to a fair trial.'"""

If I were even remotely religious, I would pray (and beg humbly on my knees)
to god that this decision stands in higher courts and is respected by other
judges in (to us) similar cases, and recognized by whatever law-designing
forces the US government has.

Sleepless-ramblings-ly y'rs,
-- 
Thomas Wouters <thomas@xs4all.net>

Hi! I'm a .signature virus! copy me into your .signature file to help me spread!