Path: csiph.com!usenet.pasdenom.info!news.redatomik.org!newsfeed.xs4all.nl!newsfeed8.news.xs4all.nl!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.041 X-Spam-Evidence: '*H*': 0.92; '*S*': 0.00; 'subject:Python': 0.05; 'lesser': 0.07; 'optional': 0.09; 'cc:addr:python-list': 0.10; 'encryption': 0.16; 'fallback': 0.16; 'from:addr:rosuav': 0.16; 'from:name:chris angelico': 0.16; 'loud': 0.16; 'sure.': 0.16; 'wrote:': 0.16; 'instance,': 0.18; 'cc:2**0': 0.21; 'cc:addr:python.org': 0.21; '(the': 0.22; 'software.': 0.22; 'disable': 0.22; 'am,': 0.23; '2015': 0.23; 'third-party': 0.23; "i've": 0.24; 'import': 0.24; 'header:In-Reply-To:1': 0.24; 'raise': 0.24; 'idea': 0.26; 'not,': 0.27; 'data,': 0.27; 'module.': 0.27; 'message-id:@mail.gmail.com': 0.28; 'independence': 0.29; 'optional.': 0.29; "d'aprano": 0.33; 'steven': 0.33; 'received:google.com': 0.34; 'clear': 0.35; 'but': 0.36; 'being': 0.36; 'client': 0.37; "didn't": 0.37; 'subject:: ': 0.37; "won't": 0.38; 'data': 0.40; 'your': 0.60; 'behavior': 0.61; 'default': 0.61; 'state,': 0.66; 'subject:Data': 0.66; 'apart': 0.70; 'privacy': 0.71; 'state.': 0.72; 'lack': 0.76; 'smith': 0.76; 'gain': 0.81; 'chrisa': 0.84; 'pycrypto': 0.84; 'to:none': 0.90; 'imagine': 0.96 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:cc :content-type; bh=vaWLNMoNyuyZ61s6ZvBYsNyBB0R2rN5p8aYdDgk6S+w=; b=oV8VXAaO1scwnUHPm+HktfIVIleMybzSjvmKJNx7Z1bYfyEcj2I70ZPFpd9nzJS8rG B+nWJJdazbrs0dW9XDNCtCPTrmPXKP9+TCbU3BIRALj8CEhpeyLy5V9o2tK2xWNq55lq fuwH/cc3FURCyZgxRHgJLloMuwu2Nn3r8+MGutxziFd3u/x5kKmnfolRijVLQfF8BFn+ CrD6oKfFzEDdPItAmPHD2u7wssFMfIQ84D8Iw30hyKC0A2RP9nxQ3G0FUiuDdP+tcnde 3sgYoyfNYAabj8w8t4P3ERbgPpomDQfC3mp53/8nIpXlXC2z48RtllhsP0fBibafWeYW Lfrw== MIME-Version: 1.0 X-Received: by 10.107.8.210 with SMTP id h79mr10332232ioi.27.1435446354275; Sat, 27 Jun 2015 16:05:54 -0700 (PDT) In-Reply-To: <558ef0b6$0$1673$c3e8da3$5496439d@news.astraweb.com> References: <558b7e85$0$1648$c3e8da3$5496439d@news.astraweb.com> <558bc912$0$2899$c3e8da3$76491128@news.astraweb.com> <558c1a7e$0$1668$c3e8da3$5496439d@news.astraweb.com> <558d86b0$0$1659$c3e8da3$5496439d@news.astraweb.com> <558ef0b6$0$1673$c3e8da3$5496439d@news.astraweb.com> Date: Sun, 28 Jun 2015 09:05:53 +1000 Subject: Re: Pure Python Data Mangling or Encrypting From: Chris Angelico Cc: "python-list@python.org" Content-Type: text/plain; charset=UTF-8 X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.20+ Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 20 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1435448092 news.xs4all.nl 2894 [2001:888:2000:d::a6]:51332 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:93263 On Sun, Jun 28, 2015 at 4:51 AM, Steven D'Aprano wrote: > On Sun, 28 Jun 2015 04:22 am, Randall Smith wrote: > >> The owner (client software) encrypts the data using AES. This is the >> default behavior of the client software. If the client chooses to >> disable encryption, that's their issue for sure. > > I cannot imagine what you think you gain from allowing that to be optional. > Apart from privacy and security breaches. I've no idea whether this is the case or not, but one thing you might gain is independence from a third-party module. You could, for instance, automatically AES-encrypt your data, but only if "from Crypto.Cipher import AES" didn't raise ImportError. That effectively makes encryption optional (the program won't barf for lack of pycrypto installation), while still clearly being the default - and if you have a nice loud warning, then it's clear that encryption is the normal state, and the fallback is a lesser state. ChrisA