incubator-ooo-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 119090] Default Encryption Fails for Down-Level Implementations
Date Sat, 24 Mar 2012 14:39:25 GMT
https://issues.apache.org/ooo/show_bug.cgi?id=119090

--- Comment #23 from T. J. Frazier <tj@apache.org> 2012-03-24 14:39:25 UTC ---
*Configuration file*
>From comment 6: "[Users can] 2) Set a configuration entry to make Blowfish the
default."
Please provide evidence that such a *run-time* file exists. Meanwhile, I am
assuming that this is a *build-time* file.

*Better security*
Orcmid points out that, considering the overall security situation, the benefit
of the new encryption method is marginal. Worth doing, yes; big rush, no. Wait
for the GUI code, in AOO 4.0. Offer as an option, possibly, but opt-in, not
opt-out.

*Standards*
Yes, the new encryption is a standard. However, the standard we should be most
concerned with (since it's what we're all about) is the ODF standard. As quoted
by Orcmid, "... SHALL support Blowfish ...". This can easily be interpreted to
mean, "SHALL support *writing* Blowfish", meaning we SHALL change our
configuration to do that.

*User Impact*
This is the biggie. The use of the term "default" is misleading. There is
currently no, repeat *no*, known way for users to choose encryption methods for
ODF 1.2 Extended saves, short of doing their own builds.

What requires, even demands, that we go with an opt-in method (rather than
opt-out, which the users currently can't!), is that this proposal breaks both
downward and sideways compatibility for many editors, and in a most undesirable
way. We might live with it, if other editors (e.g., 3.3) would report, "I can't
read this encryption method." But they don't: they report a read error, which
can strike terror into even sophisticated users. There is nothing we can do
about that, except education (which takes time, which we should allow), and
avoidance (we should do that, too).

With an opt-in method, such as a macro or extension, the user can be adequately
warned of the potential problems, on the spot.

*Recommendations*
(1) Treat this as a blocker, adopt Orcmid's patch or similar, and write
Blowfish in 3.4.
(2) Schedule GUI code (and help, and translations) for 4.0.
(3) Explore opt-in possibilities for 3.4, like a macro or extension.

-- 
Configure bugmail: https://issues.apache.org/ooo/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

Mime
View raw message