keyrings.cryptfile released on github
hpj at urpla.net
Fri Mar 10 05:49:24 EST 2017
On Donnerstag, 9. März 2017 23:09:09 ng0 wrote:
> Hans-Peter Jansen transcribed 3.8K bytes:
> > Hi,
> > since the PyCrypto ML is dead, I'm looking for advise/feedback from some
> > cryptography aware people.
> > I've released a keyring companion package today:
> > https://github.com/frispete/keyrings.cryptfile
> > Its primary purpose is a decent encrypted file backend for python
> > keyrings.
> > As such, it uses manually parameterized argon2 hashes as KDF, and AES in
> > OCB mode as stream cipher (well, it just encrypts the password for a
> > given service/user name). Granted, the advantages of OCB are not /that/
> > crucial here :wink:, but apart from technical factors, the exclusion of
> > military uses
> I was looking for some proprietary EULA or something else locked down
> license and instead just saw the Expat license.
Don't get you here. Yes, the package contains just a MIT license file for now.
> I assume that you are
> aware that no anti-mil clause exists in co-existence with free software
> and your sentence was just written in an
> odd way?
First, bear with me, as I'm not a native speaker. Sometimes, my expressions
tend to confuse people. I'm sorry about that. Second, I'm not a lawyer.
As long as I use OCB in OSS and does not sue somebody else about it, License 1
is granted, if I read the OCB license options correctly . Anyway, I will
add the OCB license to the package and add a note in the initial password
retrieval dialog about it..
In this projects state, I would like to discuss the technical issues first.
<OT> As said, I sympathize with the idea of the license, since I personally
believe, that military conflicts doesn't solve any problems, but many todays
problems originate from them.</OT>
> > by its license is rather *attractive* from my POV(!). But I'm open for
> > discussions of course.
More information about the Python-list