Re: [Twisted-Python] Twisted and Flask or Django

[Pantelis Theodosiou]

On Sun, Apr 16, 2017 at 8:33 PM, Glyph Lefkowitz 
wrote:

> On Apr 16, 2017, at 8:27 AM, Pantelis Theodosiou 
> wrote:
>
>
> Are there any similar resources for other web frameworks, for example
> Pyramid? And when I say resources, I mean talks, presentations or just a
> web page with example code.
>
>
> "Hendrix" is a tool for running various frameworks under Twisted; I'm
> pretty sure Pyramid is one of them (although I don't have a direct link to
> pyramid-specific docs handy):
>
> https://hendrix.readthedocs.io/en/latest/
>
> For the most part, general WSGI documentation should get you most of the
> way there with specific frameworks though.  This used to be a lot worse but
> in recent years there's been a lot of convergence.
>
> I think it would be helpful to have a page in the Twisted site, with links
> to such resources - and perhaps a page for each (Django, Flask, Pyramid,
> etc) with sample code and specific issues/tips than have been encountered
> when combining Twisted with other frameworks.
>
>
> The Twisted site is a wiki, and if you are interested in curating such a
> page, I'm happy to give you the relevant edit permissions.
>
>
>
 Great, I'll be happy to do that.
___
Twisted-Python mailing list
Twisted-Python@twistedmatrix.com
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python

Re: [Twisted-Python] [ANN] kubetop 17.4.17.1

[Jean-Paul Calderone]

On Mon, Apr 17, 2017 at 9:44 PM, Glyph Lefkowitz 
wrote:

>
> On Apr 17, 2017, at 10:24 AM, Jean-Paul Calderone <
> exar...@twistedmatrix.com> wrote:
>
> Hello all,
>
> I'm pleased to announce the initial release of kubetop, a command-line
> tool in the style of top(1) for displaying current usage and activity of a
> Kubernetes cluster.
>
>
> Personally I'm not using Kubernetes much, but this looks SUPER handy.  And
> it seems to install cleanly with `pipsi install kubetop` :-).  Thanks for
> the announcement!
>
> I did see this in my install output though:
>
>   Running setup.py bdist_wheel for attr ... done
>   Stored in directory: /Users/glyph/Library/Caches/pip/wheels/39/a7/44/
> cce905c824a2266d3e5747b2de72c8d73f9c8e9f0a71f066cd
>
> Is this actually supposed to depend on https://pypi.python.org/pypi/attr ?
> It seems likely to me that this was a typo somewhere in the dependency
> chain for https://pypi.python.org/pypi/attrs .
>

Oops!  Thanks for pointing that out.  It is indeed a mistake.

Jean-Paul
___
Twisted-Python mailing list
Twisted-Python@twistedmatrix.com
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python

Re: [Twisted-Python] Twisted and Flask or Django

[Glyph Lefkowitz]

> On Apr 17, 2017, at 10:09 PM, Hynek Schlawack  wrote:
> 
> Oh and I’d like to propose to officially merge the twisted-web mailing list 
> into this one.  I don’t think it makes any sense to separate those two 
> anymore.  It’s hard to do anything without web nowadays. :)

I'm definitely inclined to agree about this. I don't think it's had enough 
independent activity to justify its continued existence.  The perceived need 
for a separate list was a cultural feature of an earlier time :).

-glyph___
Twisted-Python mailing list
Twisted-Python@twistedmatrix.com
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python

Re: [Twisted-Python] Twisted and Flask or Django

[Glyph Lefkowitz]

> On Apr 18, 2017, at 12:45 AM, Pantelis Theodosiou  wrote:
> 
>  Great, I'll be happy to do that.

I think if you log in you should be able to create and edit most pages, 
although the front page will be locked.  Let me know if that is not the case.

-g___
Twisted-Python mailing list
Twisted-Python@twistedmatrix.com
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python

Re: [Twisted-Python] Elliptic Curve support

[Thedore Oidelson]

Glyph, I understand your and other's concerns, and while clearly I feel a
little differently, my real concern was how the curves I was using were
suddenly not supported at all. Which is why I think the API you and Tobias
suggested is a good compromise.

I have the code to do this just about ready and will submit a ticket and PR
shortly.

On Mon, Apr 17, 2017 at 10:28 PM, Glyph Lefkowitz 
wrote:

>
> On Apr 17, 2017, at 9:46 AM, Thedore Oidelson 
> wrote:
>
> I'm taking Glyph's suggestion and bringing this to the mailing list. :)
>
>
> Thank you :).  Hopefully some people more qualified than me will comment...
>
> I still believe it was unwise to remove the support for the extra EC
> curves in PR #749 for a few reasons that I've said in a few different
> places so I'll summarize them here.
>
>
> I have some arguments with the form of your argument here, but I should
> emphasize that I don't know enough about the specific underlying crypto to
> go one way or another - mostly I'm trusting the opinions of Alex Gaynor,
> and your counterpoints are not convincing (yet).
>
> *  Support for more curves is better.  It gives more options to users and
> developers such as myself who want to use Twisted for custom environments.
> All of this widens the support base.
>
>
> Not necessarily.  Support for more curves may allow or encourage the use
> of insecure curves by naive users.
>
> *  These are all curves suggested in RFC 5656, and I believe the more
> Twisted supports the RFC the better.
>
>
> RFC 5656 is *very* old.  Specifically: pre-heartbleed, pre-snowden,
> pre-BULLRUN revelations.  Just because it's in that RFC is not a compelling
> argument for its inclusion.
>
> *  There are cases for using alternative curves.  NIST-T-571 is stronger
> than any of the currently supported curves.  NIST-K-163 is weaker, but
> there are still uses for it. I may be working in an embedded environment
> where every CPU cycle counts and I just need simple encryption to protect
> against simple plain text scanning.
>
>
> These types of use-cases do not require these curves to be enabled by
> conch by default.  They just require there being a public API to enable
> these things.
>
> * Having extra curves does not make Twisted less secure.
>
>
> If they are enabled by default, it very well can.
>
> SSH negotiates encryption based on a list of preferred ciphers.  We put
> the strongest ciphers first and the weaker curves only get used if nothing
> better is available where weak encryption is still better than no
> encryption.
>
>
> Or if an adversary successfully executes a downgrade attack.
>
> There's downgrade detection in SSH, but we shouldn't rely on it to be
> perfect.
>
> There are other reasons why I think it makes sense to have the curves in
> Twisted but these are the main ones.
>
>
> I think it might be more productive to argue for the inclusion of
> individual curves on a case-by-case basis.  "should it be included at all"
> and "should it be enabled by default" are also separate questions.
>
> -glyph
>
> ___
> Twisted-Python mailing list
> Twisted-Python@twistedmatrix.com
> http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
>
>
___
Twisted-Python mailing list
Twisted-Python@twistedmatrix.com
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python

Re: [Twisted-Python] Elliptic Curve support

[Glyph Lefkowitz]

> On Apr 18, 2017, at 10:25 AM, Thedore Oidelson  wrote:
> 
> Glyph, I understand your and other's concerns, and while clearly I feel a 
> little differently, my real concern was how the curves I was using were 
> suddenly not supported at all. Which is why I think the API you and Tobias 
> suggested is a good compromise.

I'm still a little unclear as to why you were specifically using these curves, 
which I think informs this discussion somewhat :).  For example, if you're 
testing with intentionally weak curves then we should be putting these behind 
an API that is as awkward to use as possible :).

> I have the code to do this just about ready and will submit a ticket and PR 
> shortly.

Cool.  Hopefully our cryptographers in residence will have no issue with an API 
that you have to call to specifically enable these.

-glyph___
Twisted-Python mailing list
Twisted-Python@twistedmatrix.com
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python

Re: [Twisted-Python] Twisted and Flask or Django

[Craig Rodrigues]

On Mon, Apr 17, 2017 at 2:10 AM, Hynek Schlawack  wrote:

>
> I have to disagree here BTW.  When I started using Twisted as a WSGI
> container, I was vexed by its lack of docs (and I’m still confused about
> many details).  There’s a few blog posts around but none of them reach the
> straight-forwardibility of e.g. gunicorn’s docs.  I’ve ended up asking
> around on IRC, stealing from Donald/PyPI, and reading source code.
>
> I honestly believe, we’re leaving money on the table here.  Using Twisted
> as a WSGI container should be first class use case on the web page since it
> presents a nice entry drug into the ecosystem.
>


If someone was not dedicated to Twisted, why would they even bother going
through all the steps that you did to
figure out how to use Twisted as a WSGI container?  I'm amazed that even
you did not give up. :)

Do you have any idea how Twisted fares in performance benchmarks of WSGI
containers?
Moshe's presentation didn't cover this, and I forgot to ask him at the
presentation.
I also couldn't find any WSGI benchmarks which included Twisted.

--
Craig
___
Twisted-Python mailing list
Twisted-Python@twistedmatrix.com
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python

Re: [Twisted-Python] Twisted and Flask or Django

[Glyph Lefkowitz]

> On Apr 18, 2017, at 9:02 PM, Craig Rodrigues  wrote:
> 
> On Mon, Apr 17, 2017 at 2:10 AM, Hynek Schlawack  > wrote:
> 
> I have to disagree here BTW.  When I started using Twisted as a WSGI 
> container, I was vexed by its lack of docs (and I’m still confused about many 
> details).  There’s a few blog posts around but none of them reach the 
> straight-forwardibility of e.g. gunicorn’s docs.  I’ve ended up asking around 
> on IRC, stealing from Donald/PyPI, and reading source code.
> 
> I honestly believe, we’re leaving money on the table here.  Using Twisted as 
> a WSGI container should be first class use case on the web page since it 
> presents a nice entry drug into the ecosystem.
> 
> 
> If someone was not dedicated to Twisted, why would they even bother going 
> through all the steps that you did to
> figure out how to use Twisted as a WSGI container?  I'm amazed that even you 
> did not give up. :)
> 
> Do you have any idea how Twisted fares in performance benchmarks of WSGI 
> containers?
> Moshe's presentation didn't cover this, and I forgot to ask him at the 
> presentation.
> I also couldn't find any WSGI benchmarks which included Twisted.

Do be honest, it probably doesn't do all that well.  Making the container 
multi-process (as Moshe notes) would be a good first step to getting something 
worth benchmarking.

But, I should note, the obsession with benchmarks in WSGI containers is a 
symptom of a generally industry-wide lack of understanding of good performance 
analysis.  The fastest WSGI container is probably 2% of your application's 
overhead; the slowest possible one, maybe 3%.  The differences look huge when 
you're comparing servers against each other, but throw a real application and a 
database and some load balancer latency in there and the app server container 
utterly disappears.  Even multi-process support isn't really about optimizing 
for performance (although certainly leveraging multiple cores helps), it's 
about being able to safely crash a WSGI container process without bringing down 
the whole server.

-glyph

___
Twisted-Python mailing list
Twisted-Python@twistedmatrix.com
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python

Re: [Twisted-Python] Twisted and Flask or Django

[Glyph Lefkowitz]

> On Apr 18, 2017, at 10:29 PM, Glyph Lefkowitz  wrote:
> 
> Do be honest

*facepalm*.

"To".  To be honest.___
Twisted-Python mailing list
Twisted-Python@twistedmatrix.com
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python