Nick Craig-Wood <[EMAIL PROTECTED]> writes: > I would hate to see a module which only implemented ECB. Sure its the > only operation necessary to build the others out of, but its the least > secure mode of any block cipher.
It's intended as a building block for other modes. Most applications shouldn't use it directly. > If you don't offer users a choice, then they'll use ECB and just that > along with all its pitfalls, meanwhile thinking that they are secure > because they are using AES/DES... The documentation has to be written somewhat forcefully to tell users what not to do. I can help with that. I've had to do that a lot, supporting crypto packages in projects where the other programmers haven't used crypto very much. -- http://mail.python.org/mailman/listinfo/python-list