[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [office] RE: (office-comment) Insufficient documentation on ODF encryption.
In the text of my message, there are two paragraphs numbered 3.2. The second one should be 3.3 ODF is silent on what the common text encoding rule for passwords is expected to be. (That is, common text, not comment text.) - Dennis -----Original Message----- From: Dennis E. Hamilton [mailto:firstname.lastname@example.org] http://lists.oasis-open.org/archives/office/200906/msg00004.html Sent: Monday, June 01, 2009 15:10 To: 'Peter Dolding'; 'Wouter van Vugt' Cc: ODF TC List Subject: [office] RE: (office-comment) Insufficient documentation on ODF encryption. [ ... ] 3.2 In either case, the encoding of the "entered password" and any padding for input to the SHA-1 digest procedure (or HMAC-SHA-1) is not specified, as already mentioned in 2.3, above. RFC2898 is typical in its starting with bits and not knowing how the bits got there: "Throughout this document, a password is considered to be an octet string of arbitrary length whose interpretation as a text string is unspecified. In the interest of interoperability, however, it is recommended that applications follow some common text encoding rules." 3.2 ODF is silent on what the comment text encoding rule for passwords is expected to be. [ ... ]