On Sat, Mar 24, 2012 at 9:45 AM, Dennis E. Hamilton <[email protected]> wrote: > Correcting my own typos and over-abbreviation of the previous post ... > > -----Original Message----- > From: Dennis E. Hamilton [mailto:[email protected]] > Sent: Saturday, March 24, 2012 06:28 > To: [email protected] > Subject: RE: [RELEASE,CODE]: Bug 119090 - Default Encryption Fails for > Down-Level Implementations > > Rob, > > 1. It is absurd to make headway to strengthen security without addressing > the weakest links first. When has that ever been a design principle? >
It is not absurd at all. When I leave my house I lock the back door before the front, even thought I know the back door would be easier to break through. There is no mandated order in which we do things. But you seem to be arguing for leaving the back door open just because you think the front door's lock is weak. That is absurd. So -1 from me to changing the default unless you can come up with a far better technical argument than you have. For example, you might demonstrate that users are actually confused by this change. It would be good to show some evidence of this. Since OOo 3.4 beta had this same change, and LibreOffice has made it as well, there should be 10 million+ users with the AES encryption enabled by default. Can you point us to something in the support forum or user lists where such complaints/confusion are reported? If it is a real problem we surely would be hearing this from users. -Rob
