1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
<tt>
<div dir="ltr">please keep the DES3 and XOR.<br>we use them and need them in our ongoing projects<br><br><div class="gmail_quote">On Wed, Apr 22, 2009 at 8:23 PM, Jean-Paul Calderone <span dir="ltr">&lt;<a href="mailto:exarkun@twistedmatrix.com">exarkun@twistedmatrix.com</a>&gt;</span> wrote:<br><br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Hello,<br><br>
<br><br>
Someone pointed out that XOR and several other ciphers [1] have been<br><br>
removed from PyCrypto. This has the consequence that Twisted Conch,<br><br>
and SSH client and server implementation which depends on PyCrypto,<br><br>
no longer works with the latest development version of PyCrypto, and<br><br>
I assume that when the next release of PyCrypto is made, Conch also<br><br>
won&#39;t work with that.<br><br>
<br><br>
I&#39;m curious how important backwards compatibility is deemed with the<br><br>
new PyCrypto development going on. A change like the one referenced<br><br>
above is going to break users of PyCrypto (and that seems like it is<br><br>
really obvious, to me - as opposed to a change which only accidentally<br><br>
breaks applications). The added maintenance burden this causes makes<br><br>
PyCrypto less attractive (one nice thing about PyCrypto having been<br><br>
unmaintained for a long time is that Conch&#39;s use of it stayed as<br><br>
correct (or incorrect) as it was when it was written). Basically, the<br><br>
question is whether I should expect more PyCrypto changes like this<br><br>
as development proceeds, or whether I can make the argument that backwards<br><br>
compatibility is a *good* thing compelling.<br><br>
<br><br>
Of course it&#39;s one thing to say &quot;more backwards compatibility please&quot;.<br><br>
Actually deciding how that can be accomplished while allowing development<br><br>
to proceed in a useful direction is another. However, I&#39;m intentionally<br><br>
omitting details of that discussion from this message to keep things<br><br>
simple. I&#39;m convinced that some degree of backwards compatibility is<br><br>
always possible, regardless of the changes desired, so the details of how<br><br>
it works aren&#39;t as important as deciding whether backwards compatibility<br><br>
will be maintained.<br><br>
<br><br>
So, what do you say? Can we decide that backwards compatibility is a good<br><br>
thing?<br><br>
<br><br>
Jean-Paul<br><br>
<br><br>
[1] - <a href="http://gitweb.pycrypto.org/?p=crypto/pycrypto-2.x.git;a=commit;h=5b5b496c0f81f3595d0aebb8da5196492abae429" target="_blank">http://gitweb.pycrypto.org/?p=crypto/pycrypto-2.x.git;a=commit;h=5b5b496c0f81f3595d0aebb8da5196492abae429</a><br><br>
<br>
_______________________________________________<br><br>
pycrypto mailing list<br><br>
<a href="mailto:pycrypto@lists.dlitz.net">pycrypto@lists.dlitz.net</a><br><br>
<a href="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto" target="_blank">http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto</a><br><br>
</blockquote></div><br></div><br>
</tt>
|