nick at craig-wood.com
Wed Jan 19 11:30:02 CET 2005
Robin Becker <robin at SPAMREMOVEjessikat.fsnet.co.uk> wrote:
> Paul Rubin wrote:
> > "Reed L. O'Brien" <reed at intersiege.com> writes:
> >>I see rotor was removed for 2.4 and the docs say use an AES module
> >>provided separately... Is there a standard module that works alike or
> >>an AES module that works alike but with better encryption?
> > If you mean a module in the distribution, the answer is no, for
> > political reasons.
> .....I'm also missing the rotor module and regret that something useful
> was warned about and now removed with no plugin replacement.
> I had understood that this was because rotor was insecure, but you
> mention politics. Are other useful modules to suffer from politics?
> What exactly are/were the political reasons for rotor removal?
Presumably he is talking about crypo-export rules. In the past strong
cryptography has been treated as munitions, and as such exporting it
(especially from the USA) could have got you into very serious
However I believe those restrictions have been lifted (the cat having
been let out of the bag somewhat ;-), and its easy to do this for open
source encryption software. A wade through
Might be interesting.
A case in point: the linux 2.6 kernel is chock full of crypo and comes
with implementations of AES, ARC4, Blowfish, Cast5+6, DES, Serpent,
Twofish, TEA, etc. The linux kernel+source surely goes everywhere
python does so I don't think adding strong crypto modules to python is
a problem now-a-days.
AES in the core python library would be very useful and it would
discourage people from writing their own crypto routines (looks easy
Nick Craig-Wood <nick at craig-wood.com> -- http://www.craig-wood.com/nick
More information about the Python-list