On Sep 6, 2007, at 4:09 AM, Martin v. Löwis wrote: > There are more issues, of course: some countries restrict the use > of cryptography. France is given as an example: you need to register > your cryptography keys with the government (SCSSI) before you can > use confidentiality-oriented algorithms, IIUC.
This gets at what most interests me -- namely, whether there's a strong legal barrier to including more crypto with Python than just the hashes we have at the moment. It sounds like the answer is 'yes', but what are the details? > Why do you say that doing the work is not a problem? I see it as > a major problem. I'm willing to either do the work myself, or have someone else from the secops team at OLPC do it. > In addition, other people also see other problems, like size of the > distribution, fear of cryptography in general, and so on. The distribution size issue can be mitigated by a reasonable choice of supported primitives. I don't think we need to ship the crypto kitchen sink with Python; we can disqualify known-broken algorithms that many libraries still ship, etc. -- Ivan Krstić <[EMAIL PROTECTED]> | http://radian.org _______________________________________________ Python-3000 mailing list Python-3000@python.org http://mail.python.org/mailman/listinfo/python-3000 Unsubscribe: http://mail.python.org/mailman/options/python-3000/archive%40mail-archive.com
