[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: Mark-up on Interop Profile
cc'ing list on offline conversation on Interop Profile doc. I have attached my mark-up of the document, previously shared with Bart. A. On 10/6/2009 2:23 PM, Hanssens Bart wrote: but that document would not necessarily be a conforming interoperable doc.Regarding passwords: "1 character password seem really strange. One would think the lower end would be at least 4 maybe 6 characters." You're absolutely right on the Producer part, so that's why I only mentioned *Consumer*. After all, one might receive a password protected document created with an "insecure" implementation. (IIRC, Koffice 2.x allows for 1-character passwords, for instance) agreedSo there would be nothing wrong with building a secure *Producer* imposing a lower limit of, say, 8 characters and a dictionary check on top of it... This would require that implementer implement 'weak encryption'. The problem is with the appearance of security without actual security."Requiring weak encryption as a conformance requirement is not correct" That's not *requiring*, but *allowing* to consume weakly protected documents. Remember, a plain text XML file is conforming as well :-) This is in effect requiring the support of weak encryption for conformance. I do think that is wrong. I understand the idea of read liberally and write conservatively, but there is something strange about how that works in this document.
A. |
ODF11_Interop_Profile-wd04_AR.odt
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]