incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dennis E. Hamilton" <dennis.hamil...@acm.org>
Subject RE: AOOo can't save passwort protected file
Date Sat, 17 Sep 2011 16:42:34 GMT
Rob,

What are you talking about?

There is no new draft of Part 3 for ODF 1.3 and ODF 1.2 does *not* recommend AES.

This has nothing to do with history lessons about NIST choice of encryption methods. (And
did you know they are starting the look for AES replacement now?)

In any case, I would be shocked to see ODF encryption use, with *any* encryption method whatsoever,
in official secure communications or as a recommended method even for secure commercial communications.
 

As you said earlier, ODF encryption is likely valuable mainly for confined, personal usage
of "Save As ... Password Protected."  There is no need to upgrade for that purpose, especially
unilaterally without user control.  Pity the user who has upgraded at home but not at the
office (or vice versa) and who encrypted a file for carrying from one place to another and
now can't open it at the destination.

 - Dennis

-----Original Message-----
From: Rob Weir [mailto:robweir@apache.org] 
Sent: Saturday, September 17, 2011 05:45
To: ooo-dev@incubator.apache.org
Subject: Re: AOOo can't save passwort protected file

On Fri, Sep 16, 2011 at 7:51 PM, Dennis E. Hamilton
<dennis.hamilton@acm.org> wrote:
> I think reverting to Blowfish with 8-bit CFB and the default algorithms is a good idea
regardless.
>

[ ... ]

When the competition for a new algorithm ended, the winner was the
Advanced Encryption Standard (AES).  We really need to support that
algorithm.  There is a reason why ODF 1.3 recommends it.  

[ ... ]


Mime
View raw message