yes, well, that's already built-in: just wrap a socket object with ssl and pass it to SocketTransport. it's a one-liner.
on the other hand, configuring a CA, root certificate, issuing each client and each server a different cert file and managing all this -- it's a nightmare. that's why i've chosen tlslite -- it has a very simple username-password authentication scheme, along side all the SSL crap. it lets me configure clients/servers in no time. of course i'm using it on a close network, where i can trust the servers and limit access to the code that holds the password. again -- if you want ssl, it's already there... it would only require a nicer factory function (e.g., connect_ssl). in layer5 i plan to add ssh-based authentication. ssh is very simple to manage (known_hosts and authorized_keys). that would make authentication really easy. -tomer An NCO and a Gentleman 2011/3/5 Alex Grönholm <[email protected]> > 05.03.2011 12:48, Tomer Filiba kirjoitti: > > i decided to port tlslite to python 2.6, 2.7, 3.1, and 3.2. > the library is public domain, so there's nothing wrong with that. > > http://github.com/tomerfiliba/tlslite > > note that i am NOT going to develop the library -- only port it for newer > versions of python. > i cannot fix and any bugs, add features, etc. -- encryption is not my > domain. > > Wouldn't it be more productive to use the standard library's SSL module > instead? > Declaring the "ssl" and "backports.ssl_match_hostname" distributions from > PyPI as dependencies on Python < 2.6 and < 3.2 respectively to provide > backwards compatibility would let you drop those depencies along with > support for those Python versions at some point in the future. Choosing to > do this instead of breathing life into a dead third party TLS library would > seem the appropriate action to me. > > > > -tomer > > An NCO and a Gentleman > > > On Thu, Mar 3, 2011 at 01:13, Tomer Filiba <[email protected]> wrote: > >> Thanks, everyone. >> >> I published a new blog post about the latest changes: >> http://rpyc.wikidot.com/blog:20110302 >> I'll try to blog more, to keep everyone informed on the development >> process. >> >> -tomer >> >> >> An NCO and a Gentleman >> >> >> On Wed, Mar 2, 2011 at 22:07, Fruch <[email protected]> wrote: >> >>> Way to go Tomer, >>> >>> I sure would be nice to see RPyC back on development, >>> >>> I'm actually gonna try using it in >>> our embedded systems for running tests. >>> maybe such things could help with the PR. >>> >>> I'm ready to pitch in, when help is needed. >>> Mainly documention and testing (which are my traits) >>> >>> Fruch >> >> >> > >
