[pycrypto] Need your input: Major modernization; dropping legacy Python support?
Dwayne Litzenberger
dlitz at dlitz.net
Tue Jul 1 17:16:59 PDT 2014
On Sat, Feb 22, 2014 at 09:50:50PM +0100, Sebastian Ramacher wrote:
>On 2014-02-06 09:51:39, Dwayne Litzenberger wrote:
>> I'm thinking of merging with the folks at https://cryptography.io/,
>> which is covered by an Apache 2.0 license.
>
>What is the merge going to look like?
The idea is to remove most of the redundancy between PyCrypto and
Cryptography, and combine the two communities that maintain them, so
that we have more eyes looking at less code, and it should remove me as
the bottleneck in all PyCrypto development.
PyCrypto would provide the Crypto.* API using the Cryptography framework
under the hood. The Cryptography API is divided into high-level Python
APIs, and native cipher backends that are pluggable (at least in theory)
and accessed using cffi.
Currently, only an OpenSSL backend is actually implemented, which
creates a licensing issue for GPLv2-only software, but we could probably
put together a backend using either the existing PyCrypto code, or maybe
something like libtomcrypt or libgcrypt.
I'm also talking with the Cryptography folks about ways we can resolve
the GPLv2-incompatibility of Cryptography itself. I'll have more on
that later.
Cheers,
- Dwayne
[1] https://github.com/pyca/cryptography
--
Dwayne C. Litzenberger <dlitz at dlitz.net>
OpenPGP: 19E1 1FE8 B3CF F273 ED17 4A24 928C EC13 39C2 5CF7
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 222 bytes
Desc: Digital signature
URL: <http://lists.dlitz.net/pipermail/pycrypto/attachments/20140701/03892ea2/attachment.sig>
More information about the pycrypto
mailing list