Le 03/08/2015 21:50, Tristan Seligmann a écrit : > > However, the primary issue is still dealing with tlslite somehow: I do not > think the FTP masters / security team will be happy with me distributing an > embedded copy of tlslite in the electrum package, and I don't feel > comfortable maintaining tlslite in Debian either way given the > circumstances. >
I perfectly understand that. As mentioned earlier, I am also planning to get rid of that dependency, for the same reasons. Electrum currently uses tlslite to verify RSA signatures, and to parse x509 certificates. For RSA signatures I am considering using the following package: https://pypi.python.org/pypi/rsa > Note that python-cryptography is the "cryptography" library upon which > python-openssl ("PyOpenSSL") is based, not "pycrypto" which is a different > library; but cryptography does use cffi to bind to OpenSSL etc., so is also > not pure python. Unfortunately most of the existing mature TLS / X.509 / > etc. handling code exists in C libraries... > Oh I see. The reason why I want to stay with pure-python is that it makes the code easy to deploy on various platforms. I would not mind using a C library, though, if there is a pure-python fallback. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
