incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Weir <robw...@apache.org>
Subject Re: [RELEASE,CODE]: Bug 119090 - Default Encryption Fails for Down-Level Implementations
Date Sat, 24 Mar 2012 00:31:38 GMT
On Fri, Mar 23, 2012 at 4:23 PM, Dennis E. Hamilton
<dennis.hamilton@acm.org> wrote:

<snip>
<snip>
<snip>
<snip>
<snip>

> THE DEBATE: There is extensive technical discussion on the Bugzilla comments.  Here
is a summary of what all of that technicality is about:
>
>  1. Some presume that switching to AES256 increases the security of the document.
>
>  2. The counter-argument is that it does no good to improve the security in parts of
the encryption that do not improve the security of the weakest-link in the encryption technique.
 It will simply give a false sense of security where there is no improvement.  The weak
link in ODF 1.0/1.1/1.2 encryption is the way that passwords are used.  Not in the encryption
technique that is used for the document.
>

Yes, security is only as strong as the weakest link.  But that is an
argument for improving all the links.  It is not an argument for
undoing improvements that have already been made to some of the links.
 We're not required to refurbish the battleship all in one day.  We
can work deck-by-deck.

The advantage of AES is that it is a known quantity, a standard, and
is called out as a requirement for government procurement in several
countries, including the US.

We're not called on to individually become amateur cryptographers on
this project.  That would benefit absolutely no one.  Instead we
should follow existing industry standards and best practices, one of
which is AES.  And if there are other parts of the encryption pipeline
that can be improved, then let's do that as well.

-Rob

Mime
View raw message