[Python-Dev] PEP 427 comment: code signing
martin at v.loewis.de
martin at v.loewis.de
Tue Oct 23 07:46:18 CEST 2012
More information about the Python-Dev mailing list
Tue Oct 23 07:46:18 CEST 2012
- Previous message: [Python-Dev] PEP 427 comment: code signing
- Next message: [Python-Dev] PEP 427 comment: code signing
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Zitat von "Stephen J. Turnbull" <stephen at xemacs.org>: > martin at v.loewis.de writes: > > > Instead, the primary reason for not choosing cryptography is ease-of-use. > > > > For that reason, I still think that using an established algorithm would > > be the better choice. > > I don't understand this. An established algorithm might be > cryptographically safer, but what could be easier to use than the > default algorithm that is built-in? That's exactly what I want: it (PEP 427) should use one of the algorithms that is built-in (into web signatures). Web signatures give a choice of three algorithms; yet Daniel proposes to deviate and use a non-builtin algorithm. None of the algorithms in question are built in in Python; the two standard algorithms with public keys (i.e. RSA and ECDSA) are both built into OpenSSL. Regards, Martin
- Previous message: [Python-Dev] PEP 427 comment: code signing
- Next message: [Python-Dev] PEP 427 comment: code signing
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-Dev mailing list