Steve,
I’m in the midst of doing something in this area for Trove and OSLO so I’m interested in this subject and have added [trove] to the subject so I don’t lose track of this thread. I was planning to use pycrypto. I’d prefer to continue with that; but thanks for the heads-up, I’ll plan on making the underlying library pluggable rather than tying closely to pycrypto. I did some looking into FIPS-140 and -2 and it appears that there are no -2 compliant python libraries but many are FIPS-140 compliant in that they provide AES, SHA256 and SHA512. Thanks, -amrith From: Steven Dake (stdake) [mailto:[email protected]] Sent: Sunday, November 6, 2016 3:06 AM To: OpenStack Development Mailing List (not for usage questions) <[email protected]> Subject: [openstack-dev] [requirements][kolla][security] pycrypto vs cryptography Requirements team, Currently Kolla uses pycrypto in our requirements. I see a lot of big tent projects moving to cryptography. Is this just my imagination, or was there a decision on this from the requirements team? We are happy to comply with whatever dep management is considered appropriate for OpenStack ESPECIALLY as it relates to security and crypto libraries. I’d just like confirmation if we should move off pycrypto to cryptography, or if these two things offer similar functionality, or if I’m way off base here :). An orthogonal question I have received from one of our community members (Pavo on irc) is whether pycrypto (or if we move to cryptography) provide FIPS-140-2 compliance. Regards -steve
smime.p7s
Description: S/MIME cryptographic signature
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: [email protected]?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
