incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dennis E. Hamilton" <dennis.hamil...@acm.org>
Subject RE: [RELEASE,CODE]: Bug 119090 - Default Encryption Fails for Down-Level Implementations
Date Sat, 24 Mar 2012 13:28:03 GMT
Rob,

 1. It is absurd to make headway to strengthen security without addressing the weakest links
first. When has that ever been a design principle? 

 2. The proposal is not to abandon AES but to not make it the default.  Folks for whom AES
is imperative can elect it.  Packagers in enterprises can even configure it.  If it is as
easy as claimed, why do this instead of a silent, forced change that causes the most pain
to the least-expert?

 3. To address a check-off item without addressing the actual security situation and what
is achieved in actual context brands us as the amateurs.  For me, it is an ethical issue I
can't step over as a computer-system professional.  (The fact that I can see this much as
an amateur document-security wonk is an indication of how fragile, and amateurish, the security
of ODF document encryption is.)

 - Dennis

-----Original Message-----
From: Rob Weir [mailto:robweir@apache.org] 
Sent: Friday, March 23, 2012 17:32
To: ooo-dev@incubator.apache.org
Subject: Re: [RELEASE,CODE]: Bug 119090 - Default Encryption Fails for Down-Level Implementations

On Fri, Mar 23, 2012 at 4:23 PM, Dennis E. Hamilton
[ ... ]

Yes, security is only as strong as the weakest link.  But that is an
argument for improving all the links.  It is not an argument for
undoing improvements that have already been made to some of the links.
 We're not required to refurbish the battleship all in one day.  We
can work deck-by-deck.

The advantage of AES is that it is a known quantity, a standard, and
is called out as a requirement for government procurement in several
countries, including the US.

[ ... ]


Mime
View raw message