In our meetings at work, if discussion appears to be bogging down, any participant can say "This is a rat-hole" to end the discussion, meaning roughly "This topic can be debated endlessly without coming to any resolution." Cryptography often winds up being such a rat-hole, and this discussion seems equally unlikely to be productive. I'm not convinced it's a huge issue for Zope users; do competing products such as Cold Fusion or Frontier support security at all if the Web server doesn't have it? Magnus Lie Hetland writes:
I don't know if you guys have seen Andrew K's page on Cryptographic Curiosities... But it shouldn't be too hard to include for instance the RSA algorithm in Zope, when it can be expressed in four lines of
A crude implementation of RSA is one thing; actually implementing SSL -> X.509 -> PKCS is entirely another. You'd be better off looking at Pat Knight's UK-based SWIGging of SSLeay, and finishing it off if you're outside of the US. That would be really useful, both for Python in general and Zope in particular. (Someone on the python-crypto mailing list reported that they actually finished SWIGging all of SSLeay's functions; unfortunately they're in the US...)
(And just out of curiosity: Is it a crime to view this web page outside the US? ;)
I hope not! Seriously, those 4 lines of code aren't really usable cryptographic systems, so I don't believe that anyone would try to apply export controls to them. -- A.M. Kuchling http://starship.skyport.net/crew/amk/ Here you come again with your arithmetical conundrums, when I am suffering death with a cold in the head. -- Mark Twain