Rob, What are you talking about?
There is no new draft of Part 3 for ODF 1.3 and ODF 1.2 does *not* recommend AES. This has nothing to do with history lessons about NIST choice of encryption methods. (And did you know they are starting the look for AES replacement now?) In any case, I would be shocked to see ODF encryption use, with *any* encryption method whatsoever, in official secure communications or as a recommended method even for secure commercial communications. As you said earlier, ODF encryption is likely valuable mainly for confined, personal usage of "Save As ... Password Protected." There is no need to upgrade for that purpose, especially unilaterally without user control. Pity the user who has upgraded at home but not at the office (or vice versa) and who encrypted a file for carrying from one place to another and now can't open it at the destination. - Dennis -----Original Message----- From: Rob Weir [mailto:robw...@apache.org] Sent: Saturday, September 17, 2011 05:45 To: ooo-dev@incubator.apache.org Subject: Re: AOOo can't save passwort protected file On Fri, Sep 16, 2011 at 7:51 PM, Dennis E. Hamilton <dennis.hamil...@acm.org> wrote: > I think reverting to Blowfish with 8-bit CFB and the default algorithms is a > good idea regardless. > [ ... ] When the competition for a new algorithm ended, the winner was the Advanced Encryption Standard (AES). We really need to support that algorithm. There is a reason why ODF 1.3 recommends it. [ ... ]