I think this is only a moderately-bad idea.  For encryption, one presumably is 
limiting the recipients and has some way to share the password to the limited 
number of users.  Often, it is the same user, protecting their own documents 
with encryption.  In that case, when the usage is highly-coordinated, the users 
can make an informed decision and ensure that any software needed to open the 
documents is available to those who need to do so.

I would do three things:

 1. When the defaults are used, they should be done as defaults (that is, the 
additional attributes should be omitted, so it looks exactly like what ODF 1.1 
supports).  I would omit the <manifest:manifest> manifest:version attribute 
also.

 2. When non-defaults allowed under ODF 1.2 are used (including the recommended 
- not required - uses of SHA256 and alternatives to PBKDF2+HMACSHA1 and 
Blowfish CFB), the additional attributes have to appear *so* the package should 
be identified as having <manifest:manifest> manifest:version="1.2" because no 
down-level implementation is expected to deal with them.

 3. The use of default should be the default (because people do expect 
interoperability by default) and the use of non-default cases should be an 
option, at least on Save As ... and perhaps on Tools | Options | Load-Save.  
There needs to be warnings that the document may require the same software 
[version] to be opened successfully.  Maybe the option for selection should 
express this as a feature.  E.g., "Limit the document to being opened by 
software that implements the additional required ODF 1.2 security features."

The case (3) allows for additional features as ODF 1.2+ implementation-defined 
provisions that tighten some of the security aspects of these packages as well. 
 (E.g., the next button would be "Limit the document to being opened by 
software that implements xyz extended security features.") 

 - Dennis



-----Original Message-----
From: libreoffice-bounces+dennis.hamilton=acm....@lists.freedesktop.org 
[mailto:libreoffice-bounces+dennis.hamilton=acm....@lists.freedesktop.org] On 
Behalf Of Caolán McNamara
Sent: Monday, August 15, 2011 03:05
To: LibreOffice
Cc: Thorsten Behrens
Subject: [Libreoffice] default ODF encryption/checksum algorithms changed in 
master. Good thing ?

Since 5dd2784030e00fa1857b30ee8c5da62e221bfd32 (inherited change) the
default encryption and checksum algorithms used in our .odt export
changed, e.g. sha1 to sha256. They changed for settings of "ODF >=
1.2".

What it means in practice is that encrypted documents exported from >=
3.5/3.6 won't be openable in older versions, e.g. <= 3.4

There is a UseSHA1InODF12 and UseBlowfishInODF12 setting which is
currently disabled.

Such a change shouldn't go unnoticed anyway. So...
a) is this a good thing that should be welcomed, with a "users using
older version of LibreOffice/OpenOffice.org should upgrade and/or hassle
their vendors for patched versions with support for these backported"
b) a bad idea ?


C.


_______________________________________________
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/libreoffice
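
The labelling rule in points 1 and 2 of the reply above can be checked mechanically against a package's META-INF/manifest.xml. The following is an added example, not part of the original thread or of LibreOffice's code; the identifier strings for the ODF 1.1 defaults and the SHA256/AES alternatives are assumptions, and the sample manifest and helper names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = "urn:oasis:names:tc:opendocument:xmlns:manifest:1.0"
# Assumed ODF 1.1 identifier strings that down-level consumers understand.
LEGACY = {"checksum-type": "SHA1/1K", "algorithm-name": "Blowfish CFB",
          "key-derivation-name": "PBKDF2"}
# Identifiers used for the ODF 1.2 SHA256 / AES alternatives (assumed values).
SHA256_1K = NS + "#sha256-1k"
AES256_CBC = "http://www.w3.org/2001/04/xmlenc#aes256-cbc"

def q(name):
    return "{%s}%s" % (NS, name)

def audit_manifest(xml_text):
    """Return (reasons, consistent) for the text of META-INF/manifest.xml."""
    root = ET.fromstring(xml_text)
    reasons = []
    for entry in root.iter(q("file-entry")):
        enc = entry.find(q("encryption-data"))
        if enc is None:
            continue  # unencrypted stream, nothing to check
        path = entry.get(q("full-path"))
        for el in enc.iter():  # encryption-data and its children
            for attr, legacy in LEGACY.items():
                val = el.get(q(attr))
                if val is not None and val != legacy:
                    reasons.append("%s: %s=%s" % (path, attr, val))
            # Element and attribute that do not exist in ODF 1.1 manifests.
            if el.tag == q("start-key-generation") or el.get(q("key-size")):
                reasons.append("%s: 1.2-only %s" % (path, el.tag.split("}")[1]))
    # Non-default parameters must come with manifest:version="1.2".
    return reasons, (not reasons or root.get(q("version")) == "1.2")

# Constructed sample; checksum, IV and salt are dummy values.
TEMPLATE = """<manifest:manifest xmlns:manifest="{ns}"{ver}>
 <manifest:file-entry manifest:full-path="content.xml" manifest:media-type="text/xml" manifest:size="1024">
  <manifest:encryption-data manifest:checksum-type="{ck}" manifest:checksum="AAAA">
   <manifest:algorithm manifest:algorithm-name="{alg}" manifest:initialisation-vector="AAAA"/>
   <manifest:key-derivation manifest:key-derivation-name="PBKDF2" manifest:salt="AAAA" manifest:iteration-count="1024"/>
  </manifest:encryption-data>
 </manifest:file-entry>
</manifest:manifest>"""

def sample(ck, alg, ver=""):
    return TEMPLATE.format(ns=NS, ck=ck, alg=alg, ver=ver)

if __name__ == "__main__":
    print(audit_manifest(sample("SHA1/1K", "Blowfish CFB")))
    print(audit_manifest(sample(SHA256_1K, AES256_CBC)))
    print(audit_manifest(sample(SHA256_1K, AES256_CBC, ' manifest:version="1.2"')))
```

An empty reasons list means the encryption parameters look exactly like ODF 1.1 output; a non-empty list with `consistent` false is the mislabelled case that a down-level consumer would fail on without any hint why.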