OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

office message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [office] Default encryption algorithm concerns

Rob,

+1 on AES (See also OFFICE-2264 :-) and SHA-2

Nothing wrong with Blowfish AFAIK, but security policies probably mandate
the use of AES

> I don't think we want to require that package producers support the legacy
> method, especially if it is known to be weak.  So I suggest eliminating
> that bullet paragraph altogether, or require the use of SHA2/AES128 if
> there is consensus to have that be the "default" algorithm

Best regards,

Bart

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]