Am 15.09.2011 08:01, schrieb Shao Zhi Zhao:
hi,
how to do with such ext modules in AOOo?
|+|
|Ext Module |License |
On Fri, Sep 16, 2011 at 7:51 PM, Dennis E. Hamilton
dennis.hamil...@acm.org wrote:
I think reverting to Blowfish with 8-bit CFB and the default algorithms is a
good idea regardless.
I think that would be a very bad idea. We need to look beyond 2.4.1
compatibility and ask what the purpose of
Am 17.09.2011 14:44, schrieb Rob Weir:
When the competition for a new algorithm ended, the winner was the
Advanced Encryption Standard (AES). We really need to support that
algorithm. There is a reason why ODF 1.3 recommends it. There are
regulations in several countries that specify what
Still in Atlanta! Hopefully Quito via Houston now. Manfred is hopefully on
the way via Miami.
So now that the Lazy Consensus period has passed I'm asking trademarks to
have any necessary vote. Thanks.
On 16 September 2011 03:41, Ian Lynch ianrly...@gmail.com wrote:
Yes, on a Delta flight to
Rob,
1. There is no requirement in ODF 1.2 for consumers and producers to support
anything but the default Blowfish with 8-bit CFB.
2. While producing and consuming aes256 is allowed in the specification, there
is not even a should with respect to it.
3. Unilateral change to only producing
On 9/17/11, Dennis E. Hamilton dennis.hamil...@acm.org wrote:
Rob,
1. There is no requirement in ODF 1.2 for consumers and producers to
support anything but the default Blowfish with 8-bit CFB.
Well, there is no requirement to support Blowfish either. Encryption
is an optional feature.
Rob,
What are you talking about?
There is no new draft of Part 3 for ODF 1.3 and ODF 1.2 does *not* recommend
AES.
This has nothing to do with history lessons about NIST choice of encryption
methods. (And did you know they are starting the look for AES replacement now?)
In any case, I would
Nice job. Thanks.
-Original Message-
From: Dave Fisher [mailto:dave2w...@comcast.net]
Sent: Saturday, September 17, 2011 08:15
To: ooo-dev@incubator.apache.org
Subject: Re: [proposal][www][lazy] Apache CMS Site for the OpenOffice.org
Website Migration
The openoffice.org test migration
On 9/17/11, Mathias Bauer mathias_ba...@gmx.net wrote:
Am 17.09.2011 14:44, schrieb Rob Weir:
When the competition for a new algorithm ended, the winner was the
Advanced Encryption Standard (AES). We really need to support that
algorithm. There is a reason why ODF 1.3 recommends it. There
On 9/17/11, Dennis E. Hamilton dennis.hamil...@acm.org wrote:
Rob,
What are you talking about?
There is no new draft of Part 3 for ODF 1.3 and ODF 1.2 does *not* recommend
AES.
This has nothing to do with history lessons about NIST choice of encryption
methods. (And did you know they are
Concerning interoperability with Microsoft Office applications,
1. As far as I know encrypted ODF documents in any form are not accepted by
Microsoft Office applications and there is no expectation that they are.
2. As far as I know, OpenOffice.org does not support any of the stronger
I am not disagreeing with provision of an user option. That is not what the
current OOo-dev 3.4 does. That's not what the current build attempts to do.
That's pretty damned unilateral, Rob. That is what I was referring to.
In a reply to Mathias, you mentioned certification of document
On Sat, Sep 17, 2011 at 1:07 PM, Dennis E. Hamilton
dennis.hamil...@acm.org wrote:
Concerning interoperability with Microsoft Office applications,
1. As far as I know encrypted ODF documents in any form are not accepted by
Microsoft Office applications and there is no expectation that they
Hi;
Despite the valid interest in higher encryption schemes, I
prefer to set Blowfish as default now. That doesn't mean
we won't consider patches later on, of course.
BTW, can't we just use OpenSSL? I think it's included in
most linux/BSD distributions.
Pedro.
On Sat, 17 Sep 2011 12:47:59
Am 17.09.2011 18:47, schrieb Rob Weir:
On 9/17/11, Mathias Bauer mathias_ba...@gmx.net wrote:
Am 17.09.2011 14:44, schrieb Rob Weir:
When the competition for a new algorithm ended, the winner was the
Advanced Encryption Standard (AES). We really need to support that
algorithm. There is a
On Sat, Sep 17, 2011 at 1:26 PM, Pedro Giffuni giffu...@tutopia.com wrote:
Hi;
Despite the valid interest in higher encryption schemes, I
prefer to set Blowfish as default now. That doesn't mean
we won't consider patches later on, of course.
BTW, can't we just use OpenSSL? I think it's
Am 17.09.2011 19:26, schrieb Pedro Giffuni:
Hi;
Despite the valid interest in higher encryption schemes, I
prefer to set Blowfish as default now. That doesn't mean
we won't consider patches later on, of course.
Ah, you used the magic word. :-)
So for those who want to have AES
--- On Sat, 9/17/11, Rob Weir robw...@apache.org wrote:
...
OpenSSL is a a validated module when run in FIPS mode:
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2009.htm#
But that would still apply to AES, not Blowfish.
Think of it this way: FIPS 140 defines what
On 10.09.2011 20:31, Eike Rathke wrote:
On Saturday, 2011-09-10 20:19:54 +0200, Michael Stahl wrote:
and i completely forgot to mention that i've got a linear MQ patch
series applying against OOO340 that contains the following:
ooo340fixes
mingwport35
ause131
ause130
writerfilter10
Am 18.09.11 01:04, schrieb Michael Stahl:
On 10.09.2011 20:31, Eike Rathke wrote:
On Saturday, 2011-09-10 20:19:54 +0200, Michael Stahl wrote:
and i completely forgot to mention that i've got a linear MQ patch
series applying against OOO340 that contains the following:
ooo340fixes
mingwport35
Dear Apache OpenOffice.org community;
I have been authorized, and it is my pleasure, to share
with you the good news ...
The Beanshell scripting language will be made available
soon under the Apache License version 2. Later on, this
month, the website will be updated to reflect that:
Hi again;
I think I found the missing piece in the puzzle ...
OOo already uses OpenSSL, but in order to replace nss we need support for
xmlsecurity. This library provides just that under an MIT license:
http://www.aleksey.com/xmlsec/
Alternatively Apache has it#39;s own stuff:
Ugh ... nevermind, we already carry xmlsec !
I guess we have everything to get rid of nss but we are not using it right?
Apache Santuario is interesting though.
Cheers, Pedro.
23 matches
Mail list logo