[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [office] Default encryption algorithm concerns
On 11 May 2010 19:11, Hanssens Bart <Bart.Hanssens@fedict.be> wrote: > Rob, > > +1 on AES (See also OFFICE-2264 :-) and SHA-2 > > Nothing wrong with Blowfish AFAIK, but security policies probably mandate > the use of AES No, nothing wrong with blowfish. And its on the approved list of the South African Government Minimum Interoperability Standard. But I guess AES is more widely approved. Regards Bob > >> I don't think we want to require that package producers support the legacy >> method, especially if it is known to be weak. So I suggest eliminating >> that bullet paragraph altogether, or require the use of SHA2/AES128 if >> there is consensus to have that be the "default" algorithm > > Best regards, > > Bart > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]