Tony Arcieri
Tony Arcieri
@zeta12ti if you'd like to publish one last version that'd be good. We generally mark the unmaintained crate notices as having any hypothetical release after the last known released version...
> Both builtin encryption and a “secure” API amount to security theater: file level encryption is for transport security, not for security at rest. @kopischke you should probably take a...
@kopischke I have no idea what you're trying to get at, but as long as we're talking about protecting the integrity of ciphertexts, the current implementation doesn't do that, which...
@kopischke well then, we agree! I was arguing that the best option is to just delete all the current encryption code and let that be that in #694 ;)
@loops ccrypt is using Rijndael (not AES) in unauthenticated CFB mode with a key derived from a simple hash of the password. You'd be better off using gpg2, which supports...
Actually, is it a problem to go ahead and start using this now? It's just an attribute, so older Rust versions should ignore it, right?
With recent MSRV bumps / plans to bump MSRV, we can start considering this
Note that somewhat similarly shaped traits used to exist but were deliberately removed in #1509. cc @rozbb
I think having a trait for capturing these details is good. I'm unclear why we need two traits and why they can't build on each other. It feels like a...
@incertia having a ZST to hang the overall scheme off of seems fine to me, but I would think it would only have associated types for the `Encapsulator` and `Decapsulator`...