[pycrypto] the sad state of pycrypto
zooko
zooko at zooko.com
Sun Nov 9 10:58:00 CST 2008
On Nov 9, 2008, at 8:54 AM, Paul Hoffman wrote:
> The idea of dropping support for "weak" algorithms is silly. No
> developer looks through the list of algorithms in a library and say
> "I'll pick, um, er, that one" without knowing what it is.
I happen to know a somewhat famous developer who once looked through
the Crypto++ API and chose DES-XEX without (I think) realizing that
it was DES-X and not Triple-DES.
But yeah, modelling the developers who use your library -- guessing
how clueful and careful they will be -- is a black art and is
probably doomed to failure.
Regards,
Zooko
More information about the pycrypto
mailing list