On Donnerstag, 9. März 2017 23:09:09 ng0 wrote: > Hans-Peter Jansen transcribed 3.8K bytes: > > Hi, > > > > since the PyCrypto ML is dead, I'm looking for advise/feedback from some > > cryptography aware people. > > > > I've released a keyring companion package today: > > https://github.com/frispete/keyrings.cryptfile > > > > Its primary purpose is a decent encrypted file backend for python > > keyrings. > > As such, it uses manually parameterized argon2 hashes as KDF, and AES in > > OCB mode as stream cipher (well, it just encrypts the password for a > > given service/user name). Granted, the advantages of OCB are not /that/ > > crucial here :wink:, but apart from technical factors, the exclusion of > > military uses > I was looking for some proprietary EULA or something else locked down > license and instead just saw the Expat license.
Don't get you here. Yes, the package contains just a MIT license file for now. > I assume that you are > aware that no anti-mil clause exists in co-existence with free software > licenses > and your sentence was just written in an > odd way? First, bear with me, as I'm not a native speaker. Sometimes, my expressions tend to confuse people. I'm sorry about that. Second, I'm not a lawyer. As long as I use OCB in OSS and does not sue somebody else about it, License 1 is granted, if I read the OCB license options correctly [1]. Anyway, I will add the OCB license to the package and add a note in the initial password retrieval dialog about it.. In this projects state, I would like to discuss the technical issues first. <OT> As said, I sympathize with the idea of the license, since I personally believe, that military conflicts doesn't solve any problems, but many todays problems originate from them.</OT> [1] http://web.cs.ucdavis.edu/~rogaway/ocb/license.htm > > by its license is rather *attractive* from my POV(!). But I'm open for > > discussions of course. Cheers, Pete -- https://mail.python.org/mailman/listinfo/python-list
