Subject: Re: encryption
From: Leonard Rosenthol (leonardr@lazerware.com)
Date: Mon Apr 23 2001 - 12:34:26 CDT
At 06:06 PM 4/23/2001 +0100, Tomas Frydrych wrote:
>I have been browsing through the users list and one of the requests
>there was for adding encryption to the AW document.
Encryption is a wide open concept. Are we talking password
protection, Digital Rights Management (DRM) Features, what?
>This would be very easy, as Dom pointed out on the users list, but
>there are several issues to be considered. Most importantly, strong
>encryption is illegal in some countries, and is subject to
>(ridiculous) export regulations in the US;
US export restrictions were lifted in January of 2000, HOWEVER
there are some countries that still do maintain restrictions PLUS there are
issues with export into the 7 "bad guy" nations.
>in essence we could not
>distribute source or binaries from a US based server,
This is NO LONGER the case! You are working from old information.
>I do think though that having the capability to encrypt AW
>documents would be useful, and would be happy to implement this
>as a patch, when I have the time.
Before you go off and do this, there are MANY other things to
discuss (IMHO). Why are we encrypting the data? Where do keys (if any)
get stored? What algorithm(s) should we be using, and why? What DRM
support (if any) should we be looking it?
Let's not just do a "quick and dirty hack" here. If we think this
feature is important, let's figure out what the feature really is and the
right way to implement it.
Leonard
This archive was generated by hypermail 2b25 : Mon Apr 23 2001 - 12:32:32 CDT