[jira] [Commented] (NIFI-1463) Alert users about potentially unsafe password and algorithm combinations when using PBE

Andy LoPresto (JIRA) Wed, 03 Feb 2016 10:02:35 -0800

    [ 
https://issues.apache.org/jira/browse/NIFI-1463?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15130778#comment-15130778
 ]


Andy LoPresto commented on NIFI-1463:
-------------------------------------

Further information on PBE cipher password length checks on machine with 
limited strength crypto. 

> Alert users about potentially unsafe password and algorithm combinations when 
> using PBE
> ---------------------------------------------------------------------------------------
>
>                 Key: NIFI-1463
>                 URL: https://issues.apache.org/jira/browse/NIFI-1463
>             Project: Apache NiFi
>          Issue Type: Bug
>          Components: Core Framework
>    Affects Versions: 0.4.1
>            Reporter: Andy LoPresto
>            Assignee: Andy LoPresto
>              Labels: encryption, security
>             Fix For: 0.5.0
>
>   Original Estimate: 24h
>  Remaining Estimate: 24h
>
> Users can select a weak PBE algorithm for {{EncryptContent}} processor and on 
> a machine without unlimited strength crypto jurisdiction policies installed, 
> the password will be limited to 7 characters. Provide a warning to users 
> about this unsafe situation with instructions to remedy. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (NIFI-1463) Alert users about potentially unsafe password and algorithm combinations when using PBE

Reply via email to