Martin v. L=F6wis wrote: > M.-A. Lemburg wrote: >=20 >> That's really optimistic. Every CD vendor, mirror site, etc. in the >> world hosting the Python distribution would have to go through the >> business of evaluating whether it's legal to distribute Python or not >> in their particular case. >=20 > Every CD vendor, mirror site, etc. would have to perform a risk=20 > analysis, yes. That goes beyond analysing the legal status only - peopl= e=20 > will usually also take into account what the risk of prosecution is. > They already do that for all other software they distribute, and=20 > apparently come to the conclusion that the risk of being prosecuted is=20 > nearly zero. In reality is probably is for most parts of the world. But why put this burden on the casual user ? >> Crypto is just too much (legal) work if you're serious about it. >=20 > So then you would advise to remove the OpenSSL support from the Windows= =20 > distribution, and from Python altogether? Hmm, I didn't know that the Windows installer comes with an SSL module that includes OpenSSL. I'd strongly advise to make that a separate download. At the very least, there should be a Windows installer without that module and a note on the web-site mentioning the problem and maybe linking to the URL I gave in my other mail. In any case, the download page should have a note about the use of crypto code and interfaces to crypto code to make things safer for both the PSF and the user downloading the distribution. > Because if not, why would it be bad to add more cryptographic packages=20 > to the standard Python distribution? Either you violate some law in som= e=20 > country already by distributing Python from A to B, or you don't. Addin= g=20 > another package doesn't change anything here. I can't follow you're argument. This is like "you've robbed one bank; it doesn't get worse if you rob another two". I also don't understand your position in the light of the PSF's intentions. The PSF is meant to protect the IP in Python -- how does that fit with being careless about breaking law ? >> I also don't really see a problem here: there are plenty good >> crypto packages out there ready to be used.=20 >=20 > And it may be indeed the case that authors of such package fear the los= s=20 > of reputation if competing packages were included into the Python=20 > distribution :-( Is there ? pycrypto is all you need if you're into deep crypto. The standard SSL support is enough crypt for most people and that's already included in the distribution. --=20 Marc-Andre Lemburg eGenix.com Professional Python Software directly from the Source (#1, Apr 25 2003) >>> Python/Zope Products & Consulting ... http://www.egenix.com/ >>> mxODBC, mxDateTime, mxTextTools ... http://python.egenix.com/ ________________________________________________________________________ EuroPython 2003, Charleroi, Belgium: 60 days left
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4