[pycrypto] DES/DES3/XOR/etc removal

Jean-Paul Calderone exarkun at twistedmatrix.com
Wed Apr 22 11:23:35 CST 2009


Someone pointed out that XOR and several other ciphers [1] have been
removed from PyCrypto.  This has the consequence that Twisted Conch,
and SSH client and server implementation which depends on PyCrypto,
no longer works with the latest development version of PyCrypto, and
I assume that when the next release of PyCrypto is made, Conch also
won't work with that.

I'm curious how important backwards compatibility is deemed with the
new PyCrypto development going on.  A change like the one referenced
above is going to break users of PyCrypto (and that seems like it is
really obvious, to me - as opposed to a change which only accidentally
breaks applications).  The added maintenance burden this causes makes
PyCrypto less attractive (one nice thing about PyCrypto having been
unmaintained for a long time is that Conch's use of it stayed as
correct (or incorrect) as it was when it was written).  Basically, the
question is whether I should expect more PyCrypto changes like this
as development proceeds, or whether I can make the argument that backwards
compatibility is a *good* thing compelling.

Of course it's one thing to say "more backwards compatibility please".
Actually deciding how that can be accomplished while allowing development
to proceed in a useful direction is another.  However, I'm intentionally
omitting details of that discussion from this message to keep things
simple.  I'm convinced that some degree of backwards compatibility is
always possible, regardless of the changes desired, so the details of how
it works aren't as important as deciding whether backwards compatibility
will be maintained.

So, what do you say?  Can we decide that backwards compatibility is a good


[1] - http://gitweb.pycrypto.org/?p=crypto/pycrypto-2.x.git;a=commit;h=5b5b496c0f81f3595d0aebb8da5196492abae429

More information about the pycrypto mailing list