Nick Craig-Wood <[EMAIL PROTECTED]> writes:
> I would hate to see a module which only implemented ECB.  Sure its the
> only operation necessary to build the others out of, but its the least
> secure mode of any block cipher.

It's intended as a building block for other modes.  Most applications
shouldn't use it directly.

> If you don't offer users a choice, then they'll use ECB and just that
> along with all its pitfalls, meanwhile thinking that they are secure
> because they are using AES/DES...

The documentation has to be written somewhat forcefully to tell users
what not to do.  I can help with that.  I've had to do that a lot,
supporting crypto packages in projects where the other programmers
haven't used crypto very much.
-- 
http://mail.python.org/mailman/listinfo/python-list

Reply via email to