Hi,
for AOO 3.4 we had already discussed and later on reverted a change to
enable the ODF Document encryption AES-256 by default.
Some time ago I played with a new option field to allow the user to
enable this option as new default, see [1]
By default the office still uses the old blowfish algorithm but with
this new option the user can enable the ODF 1.2 encryption. Well it is a
minimal change to improve the current situation and allow the user to
make use of what we already have.
What does it mean in detail when we integrate this change?
1. No change as long as this option is not enabled
2. Option enabled and ODF 1.2 encryption is now default
2.1 New documents stored with password can't be loaded on older office
versions
2.2 New or existing documents stored in older versions can still be
loaded in the new office
2.3 Documents stored in older version (with the old algorithm) and
loaded in the new office works as expected. Changes made in the document
and stored with the new office still use the old algorithm and the
document can later on opened in older office versions.
From my pov of view there is still room for improvements but it is a
first useful step to move forward to a more secure algorithm and give
the user the opportunity to tweak the settings in the preferred way.
I would like to propose to integrate this change and test it how well it
works.
Any opinions? Well keep in mind it is a minimal enhancement to make use
of what we already have. There is still room for improvements ...
Juergen
[1] http://people.apache.org/~jsc/test/encryption_aes256_odf12.png
for AOO 3.4 we had already discussed and later on reverted a change to
enable the ODF Document encryption AES-256 by default.
Some time ago I played with a new option field to allow the user to
enable this option as new default, see [1]
By default the office still uses the old blowfish algorithm but with
this new option the user can enable the ODF 1.2 encryption. Well it is a
minimal change to improve the current situation and allow the user to
make use of what we already have.
What does it mean in detail when we integrate this change?
1. No change as long as this option is not enabled
2. Option enabled and ODF 1.2 encryption is now default
2.1 New documents stored with password can't be loaded on older office
versions
2.2 New or existing documents stored in older versions can still be
loaded in the new office
2.3 Documents stored in older version (with the old algorithm) and
loaded in the new office works as expected. Changes made in the document
and stored with the new office still use the old algorithm and the
document can later on opened in older office versions.
From my pov of view there is still room for improvements but it is a
first useful step to move forward to a more secure algorithm and give
the user the opportunity to tweak the settings in the preferred way.
I would like to propose to integrate this change and test it how well it
works.
Any opinions? Well keep in mind it is a minimal enhancement to make use
of what we already have. There is still room for improvements ...
Juergen
[1] http://people.apache.org/~jsc/test/encryption_aes256_odf12.png