On Wed, Oct 17, 2001 at 01:16:54PM -0400, Dom Lachowicz wrote: > Hi guys, > > I just committed the password dialog for unix (non-gnome). I'll work on the > gnome version shortly. Stubs exist for other platforms. Screenshot attached. > I'll try and make it prettier in the near future, but it's not a high priority
Would you care to elaborate on the reason for this? I admit that I haven't really been following the list, but my fear is that this is for encryption, or even worse: DRM. Encryption in itself isn't implicitly BAD, but it is hard to do properly in a program not designed specifically with it in mind. Preferably, passwords should be stored in secure (unswappable) memory. If AbiWord does decide to implement encryption, I urge it not to take an idiotic simple-XOR design that many other word processors have, but to instead take the passphrase, run it through a one-way hash such as MD5 (though MD5 is becoming deprecated), and use the hash result as a key for a well-known, secure block cipher such as Blowfish, CAST5, or 3DES.
