[Libreoffice] default ODF encryption/checksum algorithms changed in master. Good thing ?

Dennis E. Hamilton dennis.hamilton at acm.org
Mon Aug 15 10:34:18 PDT 2011


I think this is only a moderately-bad idea.  For encryption, one presumably is limiting the recipients and has some way to share the password to the limited number of users.  Often, it is the same user, protecting their own documents with encryption.  In that case, when the usage is highly-coordinated, the users can make an informed decision and ensured that any software needed to open the documents is available to those who need to do so.

I would do three things:

 1. When the defaults are used, they should be done as defaults (that is, the additional attributes should be omitted, so it looks exactly like what ODF 1.1 supports).  I would omit the <manifest:manifest> manifest:version attribute also.

 2. When non-defaults allowed under ODF 1.2 are used (including the recommended - not required - uses of SHA256 and alternatives to PBKDF2+HMACSHA1 and Blowfish CFB), the additional attributes have to appear *so* the package should be identified as having <manifest:manifest> manifest:version="1.2" because no down-level implementation is expected to deal with them.

 3. The use of default should be the default (because people do expect interoperability by default) and the use of non-default cases should be an option, at least on Save As ... and perhaps on Tools | Options | Load-Save.  There needs to be warnings that the document may require the same software [version] to be opened successfully.  Maybe the option for selection should express this as a feature.  E.g., "Limit the document to being opened by software that implements the additional required ODF 1.2 security features."

The case (3) allows for additional features as ODF 1.2+ implementation-defined provisions that tighten some of the security aspects of these packages as well.  (E.g., the next button would be "Limit the document to being opened by software that implements xyz extended security features.") 

 - Dennis



-----Original Message-----
From: libreoffice-bounces+dennis.hamilton=acm.org at lists.freedesktop.org [mailto:libreoffice-bounces+dennis.hamilton=acm.org at lists.freedesktop.org] On Behalf Of Caolán McNamara
Sent: Monday, August 15, 2011 03:05
To: LibreOffice
Cc: Thorsten Behrens
Subject: [Libreoffice] default ODF encryption/checksum algorithms changed in master. Good thing ?

Since 5dd2784030e00fa1857b30ee8c5da62e221bfd32 (inherited change) the
default encryption and checksum algorithms used in our .odt export
changed, e.g. sha1 to sha256. They changed for settings of "ODF >=
1.2".

What it means in practice is that encrypted document exported from >=
3.5/3.6 won't be openable in older versions, e.g. <= 3.4

There is a UseSHA1InODF12 and UseBlowfishInODF12 setting which is
currently disabled.

Such a change shouldn't go unnoticed anyway. So...
a) is this a good thing that should be welcomed, with a "users using
older version of LibreOffice/OpenOffice.org should upgrade and/or hassle
their vendors for patched versions with support for these backported"
b) a bad idea ?


C.


_______________________________________________
LibreOffice mailing list
LibreOffice at lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/libreoffice



More information about the LibreOffice mailing list