Am 20.02.2013 21:12, schrieb M.-A. Lemburg: > On 20.02.2013 21:03, Donald Stufft wrote: >> On Wednesday, February 20, 2013 at 3:02 PM, Daniel Holth wrote: >>> You know how to do S/MIME; how much harder would it be to use X.509 >>> signatures as are supported with openssl and bundled GUI cert managers on >>> all OSs? >> >> Signing tech doesn't really matter. I suspect societal and possibly legal >> requirements >> will make that choice over technical reasons. > > Relying only on OpenSSL would have the great advantage of being able > to all the verification/signing/key generation in Python. > > But it's missing an infrastructure to revoke keys, unless you also > implement SSL key revocation mechanisms and have users get official > paid/free SSL client certificates from certificate vendors that > provide CRLs or support OTRS. > > At that point, the SSL infrastructure becomes just as difficult to > deal with as GPG/PGP, so there isn't much to win both ways, IMO. > You just have to deal with it...
David Wolever has send me this link: https://github.com/singpolyma/OpenPGP-Python I guess it could also be implemented on top of openssl if Python provides bindings to RSA primitives. Christian _______________________________________________ Catalog-SIG mailing list Catalog-SIG@python.org http://mail.python.org/mailman/listinfo/catalog-sig
