[Python-Dev] PEP 427 comment: code signing
martin at v.loewis.de
martin at v.loewis.de
Tue Oct 23 07:46:18 CEST 2012
Zitat von "Stephen J. Turnbull" <stephen at xemacs.org>:
> martin at v.loewis.de writes:
>
> > Instead, the primary reason for not choosing cryptography is ease-of-use.
> >
> > For that reason, I still think that using an established algorithm would
> > be the better choice.
>
> I don't understand this. An established algorithm might be
> cryptographically safer, but what could be easier to use than the
> default algorithm that is built-in?
That's exactly what I want: it (PEP 427) should use one of the algorithms
that is built-in (into web signatures). Web signatures give a choice of
three algorithms; yet Daniel proposes to deviate and use a non-builtin
algorithm.
None of the algorithms in question are built in in Python; the two
standard algorithms with public keys (i.e. RSA and ECDSA) are both
built into OpenSSL.
Regards,
Martin
More information about the Python-Dev
mailing list