[Python-Dev] Cryptographic stuff for 2.3
"Martin v. L÷wis"
Fri, 25 Apr 2003 09:01:18 +0200
M.-A. Lemburg wrote:
> That's really optimistic. Every CD vendor, mirror site, etc. in the
> world hosting the Python distribution would have to go through the
> business of evaluating whether it's legal to distribute Python or not
> in their particular case.
Every CD vendor, mirror site, etc. would have to perform a risk
analysis, yes. That goes beyond analysing the legal status only - people
will usually also take into account what the risk of prosecution is.
They already do that for all other software they distribute, and
apparently come to the conclusion that the risk of being prosecuted is
> Crypto is just too much (legal) work if you're serious about it.
So then you would advise to remove the OpenSSL support from the Windows
distribution, and from Python altogether?
Because if not, why would it be bad to add more cryptographic packages
to the standard Python distribution? Either you violate some law in some
country already by distributing Python from A to B, or you don't. Adding
another package doesn't change anything here.
> I also don't really see a problem here: there are plenty good
> crypto packages out there ready to be used.
And it may be indeed the case that authors of such package fear the loss
of reputation if competing packages were included into the Python