On 3/29/11 7:24 PM, Ed Leafe wrote:
> The SimpleCrypt library will use the PyCrypto module if it is
> installed, and if so, it uses DES encryption. I've since learned that that
> was a poor choice, and that AES encryption is much preferred. I'd like to
> change the module to use AES by default; if necessary I can add an option for
> DES if anyone thinks that is important. In practical terms, if you've been
> using SimpleCrypt with a key to handle your encryption, you will need to
> re-encrypt with the AES version, and then it would work transparently after
> that.
>
> My main concern is I have no idea how widespread usage of this
> particular feature is; IOW, if I were to change it, how much stuff it would
> break.
How about starting a 3-step process:
1) keep old default; enable new AES via dabo.settings
dabo.settings.defaultEncryption = "DES"
...and set the encrytion in PyCrypto via the value in
dabo.settings.defaultEncryption
...and warn that it will be changing in the future and what to do about it
2) default to AES; allow old DES if explicitly set
3) no longer allow DES (raise exception)
Upon implementation of 1, we might find out how much this is used.
Paul
_______________________________________________
Post Messages to: [email protected]
Subscription Maintenance: http://leafe.com/mailman/listinfo/dabo-dev
Searchable Archives: http://leafe.com/archives/search/dabo-dev
This message: http://leafe.com/archives/byMID/[email protected]
