[Python-Dev] PEP 427 comment: code signing
Daniel Holth
dholth at gmail.com
Tue Oct 23 02:42:35 CEST 2012
You could just include a different algorithm. He meant that the speed of
ed25519 is not an advantage in this use case. Did I mention that its c
implementation has defense against timing attacks?
On Oct 22, 2012 8:24 PM, "Stephen J. Turnbull" <stephen at xemacs.org> wrote:
> martin at v.loewis.de writes:
>
> > Instead, the primary reason for not choosing cryptography is
> ease-of-use.
> >
> > For that reason, I still think that using an established algorithm would
> > be the better choice.
>
> I don't understand this. An established algorithm might be
> cryptographically safer, but what could be easier to use than the
> default algorithm that is built-in?
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20121022/ef6b54b3/attachment-0001.html>
More information about the Python-Dev
mailing list