Hi Mathias,
> AFAIR a genius has bound our whole address book support code (not only
> the code for the Mozilla address book) to Mozilla code. And we also use
> the Mozilla stuff for ldap. All other formerly Mozilla based
> functionality in OOo nowadays uses nss.
That's correct. Well, except the
Am 22.09.2011 17:49, schrieb Michael Stahl:
> On 17.09.2011 22:32, Pedro F. Giffuni wrote:
>>
>>
>> --- On Sat, 9/17/11, Rob Weir wrote:
>> ...
>>>
>>> OpenSSL is a a validated module when run in "FIPS mode":
>>>
>>> http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2009.htm#
>>>
Hi;
--- On Thu, 9/22/11, Michael Stahl wrote:
...
> > Thanks for this point. NSS is not certified and given
> the
>
> where the heck did you get that idea?
>
> http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#1280
>
Ugh.. there's something broken in the iPad safari
search opt
On 17.09.2011 22:32, Pedro F. Giffuni wrote:
>
>
> --- On Sat, 9/17/11, Rob Weir wrote:
> ...
>>
>> OpenSSL is a a validated module when run in "FIPS mode":
>>
>> http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2009.htm#
>>
>> But that would still apply to AES, not Blowfish.
>>
>
On Mon, 19 Sep 2011 16:42:22 -0500, Pedro Giffuni
wrote:
On Mon, 19 Sep 2011 23:34:22 +0200, Mathias Bauer
wrote:
...
Just a thought ... Perhaps we should try to make Apache OO
*really*
Apache. I am now seeing so many nice things that other Apache
projects
offer: Santuario, APR, pdfbox, Xe
On Mon, 19 Sep 2011 23:34:22 +0200, Mathias Bauer
wrote:
...
Just a thought ... Perhaps we should try to make Apache OO *really*
Apache. I am now seeing so many nice things that other Apache
projects
offer: Santuario, APR, pdfbox, Xerces/Xalan, Maven, etc. Just
something
to consider (a
Am 19.09.2011 23:07, schrieb Pedro Giffuni:
> Hi Matias;
>
> On Mon, 19 Sep 2011 22:06:56 +0200, Mathias Bauer
> wrote:
>> Am 18.09.2011 06:10, schrieb Pedro F. Giffuni:
>>
>>> Ugh ... nevermind, we already carry xmlsec !
>>>
>>> I guess we have everything to get rid of nss but we are not u
Hi Matias;
On Mon, 19 Sep 2011 22:06:56 +0200, Mathias Bauer
wrote:
Am 18.09.2011 06:10, schrieb Pedro F. Giffuni:
Ugh ... nevermind, we already carry xmlsec !
I guess we have everything to get rid of nss but we are not using it
right? Apache Santuario is interesting though.
Cheers, Ped
Am 18.09.2011 06:10, schrieb Pedro F. Giffuni:
> Ugh ... nevermind, we already carry xmlsec !
>
> I guess we have everything to get rid of nss but we are not using it right?
> Apache Santuario is interesting though.
>
> Cheers, Pedro.
The reason why we went for nss when we needed AES enryptio
Ugh ... nevermind, we already carry xmlsec !
I guess we have everything to get rid of nss but we are not using it right?
Apache Santuario is interesting though.
Cheers, Pedro.
Hi again;
I think I found the missing piece in the puzzle ...
OOo already uses OpenSSL, but in order to replace nss we need support for
xmlsecurity. This library provides just that under an MIT license:
http://www.aleksey.com/xmlsec/
Alternatively Apache has it's own stuff:
http://s
--- On Sat, 9/17/11, Rob Weir wrote:
...
>
> OpenSSL is a a validated module when run in "FIPS mode":
>
> http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2009.htm#
>
> But that would still apply to AES, not Blowfish.
>
> Think of it this way: FIPS 140 defines what the
> acce
Am 17.09.2011 19:26, schrieb Pedro Giffuni:
> Hi;
>
> Despite the valid interest in higher encryption schemes, I
> prefer to set Blowfish as default now. That doesn't mean
> we won't consider patches later on, of course.
Ah, you used the magic word. :-)
So for those who want to have AES enc
On Sat, Sep 17, 2011 at 1:26 PM, Pedro Giffuni wrote:
> Hi;
>
> Despite the valid interest in higher encryption schemes, I
> prefer to set Blowfish as default now. That doesn't mean
> we won't consider patches later on, of course.
>
> BTW, can't we just use OpenSSL? I think it's included in
> most
Am 17.09.2011 18:47, schrieb Rob Weir:
> On 9/17/11, Mathias Bauer wrote:
>> Am 17.09.2011 14:44, schrieb Rob Weir:
>>
>>> When the competition for a new algorithm ended, the winner was the
>>> Advanced Encryption Standard (AES). We really need to support that
>>> algorithm. There is a reason w
Hi;
Despite the valid interest in higher encryption schemes, I
prefer to set Blowfish as default now. That doesn't mean
we won't consider patches later on, of course.
BTW, can't we just use OpenSSL? I think it's included in
most linux/BSD distributions.
Pedro.
On Sat, 17 Sep 2011 12:47:59 -040
- Dennis
>
> -Original Message-
> From: Rob Weir [mailto:robw...@apache.org]
> Sent: Saturday, September 17, 2011 09:40
> To: ooo-dev@incubator.apache.org; dennis.hamil...@acm.org
> Subject: Re: AOOo can't save passwort protected file
>
> On 9/17/11, Denni
September 17, 2011 09:58
To: ooo-dev@incubator.apache.org; dennis.hamil...@acm.org
Subject: Re: AOOo can't save passwort protected file
[ ... ]
I'm not arguing that we
don't support Blowfish at all. I'm saying that we should also allow
saving with AES, as allowed by ODF, and
ennis
-Original Message-
From: Rob Weir [mailto:robw...@apache.org]
Sent: Saturday, September 17, 2011 09:40
To: ooo-dev@incubator.apache.org; dennis.hamil...@acm.org
Subject: Re: AOOo can't save passwort protected file
On 9/17/11, Dennis E. Hamilton wrote:
> Rob,
>
&
a 3 year old
version of OOo. For example, making it easier for them to know that
their best option is to save the document on ODF 1.1 format. That
solves this issue, and several others.
> - Dennis
>
> -Original Message-
> From: Rob Weir [mailto:robw...@apache.org]
> Sent
On 9/17/11, Mathias Bauer wrote:
> Am 17.09.2011 14:44, schrieb Rob Weir:
>
>> When the competition for a new algorithm ended, the winner was the
>> Advanced Encryption Standard (AES). We really need to support that
>> algorithm. There is a reason why ODF 1.3 recommends it. There are
>> regulat
the destination.
- Dennis
-Original Message-
From: Rob Weir [mailto:robw...@apache.org]
Sent: Saturday, September 17, 2011 05:45
To: ooo-dev@incubator.apache.org
Subject: Re: AOOo can't save passwort protected file
On Fri, Sep 16, 2011 at 7:51 PM, Dennis E. Hamilton
wrote:
> I thin
e of interoperability seems like a
> great opportunity in this area. The ODF Toolkit might provide some valuable
> reference cases as well.
>
> - Dennis
>
> -Original Message-
> From: Rob Weir [mailto:robw...@apache.org]
> Sent: Saturday, September 17, 2011 05:45
> To
al Message-
From: Rob Weir [mailto:robw...@apache.org]
Sent: Saturday, September 17, 2011 05:45
To: ooo-dev@incubator.apache.org
Subject: Re: AOOo can't save passwort protected file
On Fri, Sep 16, 2011 at 7:51 PM, Dennis E. Hamilton
wrote:
> I think reverting to Blowfish with 8-bit C
Am 17.09.2011 14:44, schrieb Rob Weir:
> When the competition for a new algorithm ended, the winner was the
> Advanced Encryption Standard (AES). We really need to support that
> algorithm. There is a reason why ODF 1.3 recommends it. There are
> regulations in several countries that specify wh
F 1.2 specification and only the one is
> required.
>
> - Dennis
>
> -Original Message-
> From: Mathias Bauer [mailto:mathias_ba...@gmx.net]
> Sent: Friday, September 16, 2011 15:40
> To: ooo-dev@incubator.apache.org
> Subject: Re: AOOo can't save passwort
+1 to reverting to Blowfish for now.
Also note that we can use BouncyCastle in the future if using java for
this is acceptable.
Pedro.
On Sat, 17 Sep 2011 00:39:31 +0200, Mathias Bauer
wrote:
Hi,
AOOo can't use the nss libraries as easily as it was possible in the
"old" OOo, so perhaps a fi
Hi Dennis
Am 17.09.11 01:51, schrieb Dennis E. Hamilton:
Raphael,
When you set Writer to Save as ODF 1.0/1.1, does
it work then?
Good idea, but it dosn't help
Greetings Raphael
--
My private Homepage: http://www.raphaelbircher.ch/
Raphael,
When you set Writer to Save as ODF 1.0/1.1, does
it work then?
-Original Message-
From: Raphael Bircher [mailto:r.birc...@gmx.ch]
Sent: Thursday, September 15, 2011 15:18
To: ooo-dev@incubator.apache.org
Subject: AOOo can't save passwort protected file
Hi all
Can sa
, September 16, 2011 15:40
To: ooo-dev@incubator.apache.org
Subject: Re: AOOo can't save passwort protected file
Hi,
AOOo can't use the nss libraries as easily as it was possible in the
"old" OOo, so perhaps a fix would be to revert the default encryption
algorithm in AOOo fro
Hi,
AOOo can't use the nss libraries as easily as it was possible in the
"old" OOo, so perhaps a fix would be to revert the default encryption
algorithm in AOOo from AES to Blowfish in 3.4 until we found a
replacement for the AES encryption code from the nss libs.
I know that MPL libs can be used
: AOOo can't save passwort protected file
Hi Dennis
Am 16.09.11 19:47, schrieb Dennis E. Hamilton:
> I use a series of older versions as part of my document forensics work. In
> particular, I keep ODF 1.1 processors around.
>
> It happened that it is the default application in th
Hi Dennis
Am 16.09.11 19:47, schrieb Dennis E. Hamilton:
I use a series of older versions as part of my document forensics work. In
particular, I keep ODF 1.1 processors around.
It happened that it is the default application in the same VM where I have
OOo-dev 3.4 installed. So it opened by
Original Message-
> From: Rob Weir [mailto:robw...@apache.org]
> Sent: Friday, September 16, 2011 10:30
> To: ooo-dev@incubator.apache.org
> Subject: Re: AOOo can't save passwort protected file
>
> On Fri, Sep 16, 2011 at 1:24 PM, Dennis E. Hamilton
> wrote:
>&g
Message-
> From: Raphael Bircher [mailto:r.birc...@gmx.ch]
> Sent: Friday, September 16, 2011 01:01
> To: ooo-dev@incubator.apache.org
> Subject: Re: AOOo can't save passwort protected file
>
> Hi Dennis
>
> Thank you for the test too
>
> Am 16.09.11 03:19, s
n't run that build, or I would do this myself.)
-Original Message-
From: Raphael Bircher [mailto:r.birc...@gmx.ch]
Sent: Friday, September 16, 2011 01:01
To: ooo-dev@incubator.apache.org
Subject: Re: AOOo can't save passwort protected file
Hi Dennis
Thank you for the test
-
> From: Raphael Bircher [mailto:r.birc...@gmx.ch]
> Sent: Friday, September 16, 2011 01:01
> To: ooo-dev@incubator.apache.org
> Subject: Re: AOOo can't save passwort protected file
>
> Hi Dennis
>
> Thank you for the test too
>
> Am 16.09.11 03:19, schrieb Dennis
I would do this myself.)
-Original Message-
From: Raphael Bircher [mailto:r.birc...@gmx.ch]
Sent: Friday, September 16, 2011 01:01
To: ooo-dev@incubator.apache.org
Subject: Re: AOOo can't save passwort protected file
Hi Dennis
Thank you for the test too
Am 16.09.11 03:19, schrieb Den
Hi Jürgen
Exactly, I used --disable-copyleft wich automaticly use
--disable-mozilla. Thanks, for your information. I assume that this has
samething to do with the copyleft removal.
Greetings Raphael
Am 16.09.11 10:30, schrieb Jürgen Schmidt:
Hi Raphael,
i assume you have built your office
hi, Jürgen
Yes, I built AOOo with argument "--disable-mozilla". I will try to
rebuild AOOo without that arg.
Do we have any alternative way to solve the problem quickly? For
example, put mozilla library into someplace? Thanks!
On Fri, 2011-09-16 at 10:30 +0200, Jürgen Schmidt wrote:
> Hi Raphae
Hi Raphael,
i assume you have built your office with at least --disable-mozilla,
correct? As far as i know the password encryption used some stuff from the
mozilla code. So there will be a problem.
Juergen
On Fri, Sep 16, 2011 at 10:01 AM, Raphael Bircher wrote:
> Hi Dennis
>
> Thank you for
Hi Dennis
Thank you for the test too
Am 16.09.11 03:19, schrieb Dennis E. Hamilton:
I can't confirm with an AOOo Build, but I did check the OOO-dev 3.4 on win32 to
see if the problem existed previously. I was able to password protect
(encrypt) a simple Writer document. It saved and opened f
hi, Raphael
I built out AOOo on my Ubuntu 11 days ago. Just now, I tried the steps
you described. The results are that :
1) There will be a general IO error, when saving the document with
password to ODT format. Please refer to the snapshot attached.
2) If change to DOC format, there is no
queue
of documents awaiting forensic analysis.
- Dennis
-Original Message-
From: Raphael Bircher [mailto:r.birc...@gmx.ch]
Sent: Thursday, September 15, 2011 15:18
To: ooo-dev@incubator.apache.org
Subject: AOOo can't save passwort protected file
Hi all
Can sameone confirm the fl
Hi all
Can sameone confirm the flowing on a AOOo Build?
Steps to reproduce
- Open a new Writer Document
- Write same text
- Save as
- check password protection and choice a name
- press enter and give in a passwort and confirm it
Result:
I get a error that the document can't be saved.
Greetin
45 matches
Mail list logo