On Sat, Jun 27, 2015 at 6:38 PM, Steven D'Aprano <st...@pearwood.info> wrote: > I'm not a security expert. I'm not even a talented amateur. *Every time* I > suggest that "X is secure", the security guy at work shoots me down in > flames. But nicely, because I pay his wages <wink>
Just out of interest, is _anybody_ active in this thread an expert on security? I certainly am not, which means that the proposal I'm currently putting together probably has a whole bunch of vulnerabilities that I haven't thought of. (Though there's no emphasis on encryption anywhere, just signing. I'm *hoping* that RSA public key verification is sufficient, but if it isn't, it would be possible for a malicious user to make a serious mess of stuff.) But I'm under no delusions. I don't say "this is secure" - all I'm saying is "this works in proof-of-concept". ChrisA -- https://mail.python.org/mailman/listinfo/python-list