Robin Becker <[EMAIL PROTECTED]> wrote: > Paul Rubin wrote: > > "Reed L. O'Brien" <[EMAIL PROTECTED]> writes: > > > >>I see rotor was removed for 2.4 and the docs say use an AES module > >>provided separately... Is there a standard module that works alike or > >>an AES module that works alike but with better encryption? > > > > > > If you mean a module in the distribution, the answer is no, for > > political reasons. > > > .....I'm also missing the rotor module and regret that something useful > was warned about and now removed with no plugin replacement. > > I had understood that this was because rotor was insecure, but you > mention politics. Are other useful modules to suffer from politics? > > What exactly are/were the political reasons for rotor removal?
Presumably he is talking about crypo-export rules. In the past strong cryptography has been treated as munitions, and as such exporting it (especially from the USA) could have got you into very serious trouble. However I believe those restrictions have been lifted (the cat having been let out of the bag somewhat ;-), and its easy to do this for open source encryption software. A wade through http://www.bxa.doc.gov/Encryption/enc.htm Might be interesting. A case in point: the linux 2.6 kernel is chock full of crypo and comes with implementations of AES, ARC4, Blowfish, Cast5+6, DES, Serpent, Twofish, TEA, etc. The linux kernel+source surely goes everywhere python does so I don't think adding strong crypto modules to python is a problem now-a-days. AES in the core python library would be very useful and it would discourage people from writing their own crypto routines (looks easy but isn't!) -- Nick Craig-Wood <[EMAIL PROTECTED]> -- http://www.craig-wood.com/nick -- http://mail.python.org/mailman/listinfo/python-list
