Migrate backend to rust #8770
Comments
|
How to use python staff on platforms without rust support? |
|
Cryptography has required rust for more than 2 years. This issue does not change that, it merely uses rust for an additional area of functionality. To use cryptography on a platform without rust support, you'll need to add rust support for that platform. |
|
Who will pay for adding rust to new platforms? |
|
All the developers of PyCA/cryptography are volunteers, we're not being
paid for our work here. Perhaps you'd like to ask the commercial vendors
for these platforms to sponsor Rust/LLVM platform support.
…On Wed, Nov 15, 2023, 11:17 AM rim ***@***.***> wrote:
Who will pay for adding rust to new platforms?
—
Reply to this email directly, view it on GitHub
<#8770 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAAGBFATJZBOADL4K75EV3YETTIHAVCNFSM6AAAAAAXGKPNP2VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQMJSHA2DCNRZGE>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
|
Ok, I see. I will avoid python based projects and will recommend to avoid for other peoples. |
|
I'm not going to engage further, except to note that our adoption of rust
was extensively documented and communicated more than 2 years ago. It was
also widely debated.
You've now dropped into what amounts to a random issue and complain to us,
presumably because your commercial vendor has not invested in platform
support.
…On Wed, Nov 15, 2023, 12:10 PM rim ***@***.***> wrote:
Ok, I see.
Project without moderation, responsibility and plans.
Since this is one of base python packet that widely used, all python
products may be broken in any time on any platform.
This is bad for business and for users.
I will avoid python based projects and will recommend to avoid for other
peoples.
—
Reply to this email directly, view it on GitHub
<#8770 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAAGBD4WVVT3AO4ZQZYYP3YETZQ5AVCNFSM6AAAAAAXGKPNP2VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQMJSHEZTIMRUGE>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
|
Using rust was wrong way, that reduce supported platforms count and increase support costs for whole industry. After this project get rusted - I spend to many time with outdated or broken py-cryptography package @ FreeBSD. If you want to speak about investing to some platform you should have business plan/commercial offer. |
|
freebsd is supported by rust upstream
…On Wed, Nov 15, 2023, 3:35 PM rim ***@***.***> wrote:
Using rust was wrong way, that reduce supported platforms count and
increase support costs for whole industry.
After this project get rusted - I spend to many time with outdated or
broken py-cryptography package @ FreeBSD.
I do avoid projects that create problems instead of solve them.
Python ecosystem have a lot show stopper problems and this is +1.
If you want to speak about investing to some platform you should have
business plan/commercial offer.
—
Reply to this email directly, view it on GitHub
<#8770 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAAGBGQLFYWTLV4EOQHYX3YEURSHAVCNFSM6AAAAAAXGKPNP2VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQMJTGIZDEOJUGM>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
|
Good luck with rust on non amd64 h/w. |
|
We actively ship this package for arm64 (for Linux and macOS). Rust declares support (at various tiers) for FreeBSD with x86-64, x86, arm64, arm32, ppc64, powerpc, and riscv. What platform are you concerned for? |
|
Using Python packages - another one strange idea, since it depend on OpenSSL specific version, that may be differ or LibreSSL may be as default xSSL lib. If you want more details, feel free to read: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254853 |
|
I've read the issue. It was not as illuminating as I'd hoped. As best I can tell, the current state is that FreeBSD has successfully upgraded their version of pyca/cryptography, and have it working on multiple architectures (I see x86-64, arm64, and armv7 mentioned at a minimum). There appears to be an issue with building rust under qemu, though I'm unclear of what the cause is, and it appears that building under qemu is no longer the officially supported way to build ports. Many of the recent comments appear to be dealing with the pain of the OpenSSL 3 migration, which is entirely orthogonal to rust. We also heartily agree that the OpenSSL 3 migration has been very painful. I do not understand your comment about LibreSSL, we support it, numerous versions of OpenSSL, and BoringSSL out out the box: https://cryptography.io/en/latest/installation/#supported-platforms If you have a specific issue, we're happy to hear it. But at this point your comments have been extremely unproductive, to say nothing of rude. |
|
Rust while attracting, is troublesome, at least for some platforms. Moreover, triggering the Rust build to update only one Python module is overkill and contributes to global warming. Could you let me know if you're aware of that? Green computing is as important as security nowadays. I have submitted a PR on FreeBSD Bugzilla to raise attention to this problem. https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=276105 |
|
You haven't provided any quantification or evidence for the premise that our migration contributes to global warming, so it's a bit hard to respond. Nevertheless, I believe you have your premise backwards: Python is relatively slow, and thus consumes more computing resources than is necessary. Our migration to Rust has dramatically improved the performance of many components of cryptography, and thus reduced the resources consumed. And this is before we discuss questions such as the level of sustainability for many data centers (many rely entirely on renewable energy). Finally, if you have a specific platform you'd like to discuss support for, please file a dedicated issue for it. Responding to an unrelated issue is distracting to the pyca/cryptography project. |
|
While global warming and human caused climate change is a very real and serious concern, it is not an argument in good faith to tie it to language choice. One could just as easily argue use of Python in its entirety is a contributor to global warming since it is an inefficient language and usage patterns executing the same code repeatedly (vs compiling once and having a far more efficient code path after that) would therefore be problematic. As always, we are happy to discuss ways to make this easier for our users, up to and including working with folks on ecosystem level efforts (which we have engaged in before), but we can only consider actionable requests. "Revert back to C and abandon any effort to make things more secure" is not a course of action under consideration. If you do choose to engage in good faith in the future please open a new issue. |
aeadpkcs12The text was updated successfully, but these errors were encountered: