[Python-Dev] Future of SSL

[Guido van Rossum]

> > > [me, in response to a remark from Marc-André]
> > > What would be your suggestions? Would you prefer to go in the direction
> > > of my original proposal - only providing a SSL API, but not the
> > > implementation?
> > 
> > Yes, that's how the current SSL support works -- you need to link in
> > openssl.
> 
> So, as long as there are no actual cryptographic algorithms in the
> Python source tree, but only hooks for OpenSSL, there's no problem?

That's what I believe the situation currently, for open source
software.  It wasn't always like this -- at some point, hooks were
enough to need export permission.  It may again be like this, if some
uninformed US senators get their way...

> If this is the case, then there would only be an issue for binary
> distributions of Python, which can be built easily in free countries :-)

Hm, but that's dangerous too -- someone could easily build an RPM that
includes openssl without realizing it.

--Guido van Rossum (home page: http://www.python.org/~guido/)