Webizing Python

Steve Holden sholden at holdenweb.com
Fri Feb 8 15:41:30 CET 2002


"Greg Krohn" <infinitystwin.SPAM at IS.BAD.yahoo.com> wrote in message
news:a4032v01prd at enews3.newsguy.com...
> I don't remember any threads about this, so please forgive me if there has
> been.
>
> In Guido's "The State of the Python Union"
> (http://www.python.org/doc/essays/ppt/python10/py10keynote.ppt) he
mentions
> webizing Python. In particular adding http:/www.python.org/python2.2 to
> sys.path. I would think this would probably be P3K, but does anyone have
any
> info on this yet? It sounds interesting.
>
It's just an idea. It was a reference to Tim Berners-Lee's closing keynote
address, which bore no real relation to Python as it is today, but merely
expressed his desire to incorporate interfaces to the Semantic Web into
Python.

Someone has suggested on this group that the Semantic Web is different from
binary relational information, but if there's no equivalence between
"subject verb object" and "instance relation instance" I'd like to know why
not. I only mention this because I did research into binary relational
knowledge representation way back in the days when knowledge-based systems
were that latest buzz for scoring research grants...

> And seeing as I have very little information, I think it would be a good
> time to start criticizing. I wonder what would happen if something
occurred
> at python.org like hijackers or some honest mistake or accident. I would
be
> putting a lot of faith in the online modules' integrity. I can be
relatively
> certain that a program I run right now will run the same in the morning
(if
> no one touches my computer, of course). This wouldn't be the case if
Python
> were webized. For me, at least.
>
Well, if you've ever downloaded a sourceforge project you've taken the same
risk. When you downloaded Python, did you even bother to check the hash of
your download before you installed it?

Digital signature techniques do make it possible to verify authenticity and
integrity of received information. In fact, you can regard your current
Python installation as a cached copy of the downloadable installer, if you
want to look at things that way. If the sending site has been compromised to
the extent that the hacker has been able to use its private key, naturally
all bets are off.

Obviously the mechanics of importing modules from the web are the least of
the concerns raised by this "proposal" -- and, as Andrew Kuchling has
already pointed out, using a URI to identify modules doesn't imply anything
about physical availability of the information. URI != URL

Before Python *does* support web downloads we will have to put a lot of
solid work in to dependency logging and version control if we are to avoid
the Net-Pythonic equivalent of DLL hell.

wishing-i-could-just-say-"make-it-so"-ly y'rs  - steve
--
Consulting, training, speaking: http://www.holdenweb.com/
Author, Python Web Programming: http://pydish.holdenweb.com/pwp/

"This is Python.  We don't care much about theory, except where it
intersects with useful practice."  Aahz Maruch on c.l.py



--
Consulting, training, speaking: http://www.holdenweb.com/
Author, Python Web Programming: http://pydish.holdenweb.com/pwp/

"This is Python.  We don't care much about theory, except where it
intersects with useful practice."  Aahz Maruch on c.l.py







More information about the Python-list mailing list