Subject: [gallwey@Sun.COM: [xml-dev] Encryption]
From: Sam TH (sam@uchicago.edu)
Date: Tue Apr 24 2001 - 10:29:15 CDT
This is what OpenOffice is doing.
sam th --- sam@uchicago.edu --- http://www.abisource.com/~sam/
OpenPGP Key: CABD33FC --- http://samth.dyndns.org/key
DeCSS: http://samth.dyndns.org/decss
attached mail follows:
Hi folks,
It is necessary to support encryption within our package files, so we've
decided to use the Blowfish algorithm with a 128 bit key and this has been
approved by Sun's legal department so that we can use it in both
Staroffice and Openoffice and export is allowed. Schneier says that for
cipher feedback (CFB) mode encryption, a unique initialisation vector (IV)
is required and it is also possible that we will support different or
multiple encryption algorithms in the future, so I'd like to update the
manifest DTD to the following:
<!ELEMENT manifest:manifest (manifest:file-entry+)>
<!ATTLIST manifest:manifest xmlns:manifest CDATA #FIXED
"http://openoffice.org/2001/manifest">
<!ELEMENT manifest:file-entry (manifest:encryption-data?)>
<!ATTLIST manifest:file-entry
manifest:full-path CDATA #REQUIRED
manifest:media-type CDATA #REQUIRED
>
<!ELEMENT manifest:encryption-data (manifest:initialisation-vector?)>
<!ATTLIST manifest:encryption-data
manifest:algorithm CDATA #REQUIRED>
<!-- the initialisation-vector should be base-64 encoded -->
<!ELEMENT manifest:initialisation-vector (#PCDATA)>
My initial idea was to use the 'extra' field inside the zip file, but that
seemed to be a kludge.
What do you think, Daniels?
Marty
--
{Star|Open} Office Developer / Hamburg
---------------------------------------------------------------------
To unsubscribe, e-mail: xml-dev-unsubscribe@openoffice.org
For additional commands, e-mail: xml-dev-help@openoffice.org
This archive was generated by hypermail 2b25 : Tue Apr 24 2001 - 10:16:29 CDT