Originally from Steve Dower (with my apologies):
-----------------------------------------------

Looks good to me, but I wonder why we need to define all the algorithms in the PEP (by 
reference)? Could they also use a similar model to certificates, where the implementation 
provides a constructor that takes a string (in a format defined here, e.g. "OpenSSL 
style") and does the best it can to return something it will know how to use later? 
It involves some trust, but I honestly don't see a world where we end up with 
implementations deliberately trying to be incompatible with each other (which would seem 
to be the only reason to define the full enum ahead of time).

Steve Dower (extracted from a top-posted Windows phone email ;)
_______________________________________________
Security-SIG mailing list
Security-SIG@python.org
https://mail.python.org/mailman/listinfo/security-sig

Reply via email to