Greg Once you start using DotNetZip you'll never want to go back to SharpZip. We changed our code base over about a year ago and the API is so much cleaner and nicer its unreal. Often we were replacing 20 - 30 lines of code with 3-5. The learning curve is very low as it is just so intuitive to use (and we are doing more than just vanilla zipping). It's clear to me that the API was designed from the caller's perspective and then the code was written to implement the API. For SharpZip it felt the other way around. I can't recommend DotNetZip highly enough.
Ben ________________________________ From: [email protected] [mailto:[email protected]] On Behalf Of Greg Keogh Sent: Thursday, 30 June 2011 2:35 PM To: 'ozDotNet' Subject: PKZIPC encryption, keys and reliability Folks, for several weeks now I have been stuffing backups into cloud storage. Simply because it's convenient in batch files, I have been using PKZIPC V6 with switch like these -cryptalg=AES,256 -pass=MyL0ngSafePassw0rd to prepare the files for backup. I mentioned this to my cat and he asked me some interesting overlapping questions: 1. Can you restore your backups in managed code? 2. Can you create backups in managed code that are PKZIPC V6 compatible. 3. How is the AES 256-bit key generated from the PKZIPC V6 password string? 4. Is the PKZIPC V6 encryption compatible with other convenient utilities? Worryingly, the answer to most of these is "dunno", but I'm looking for answers. In any case, I must be sure that my cloud backups are secure and usable in the long term. Imagine having backups you can't read or decrypt sometime in the future. I'm going to run a few tests to see if I can create or read PKZIPC V6 compatible files in managed code. I've been using SharpZip for many years, but it only supports the original weak encryption. I'll probably have to use DotNetZip<http://dotnetzip.codeplex.com/> in my tests, but it's a new library for me and I'll have to get the hang of it. Then question 3 comes into play. Yoiiks! Greg P.S. There are no real questions in this post, just some mental notes and warnings to others doing this sort of thing. This email is intended for the named recipient only. The information it contains may be confidential or commercially sensitive. If you are not the intended recipient you must not reproduce or distribute any part of this email, disclose its contents to any other party, or take any action in reliance on it. If you have received this email in error, please contact the sender immediately and delete the message from your computer.
