Difference between revisions of "Security"

Revision as of 10:30, 10 July 2009

The security project

This wiki page is the collaboration entry point for the OOo security project.

For questions and discussions, please use the new mailing list from the security project: discuss@security.openoffice.org

When you plan to file an issue with regard to security, please make sure to add the keyword security.

General Topics

Digital Signatures

Encryption

Document Integrity

Current Activities

• Digital Signature:
  • Improving the Digital Signature Specification for ODF 1.2
  • Digital Signature Implementation in OOo 3.2
  • Inform the user that OOo's Digital Signatures have no legal value
  • Show a warning for not signed macro streams in documents signed with OpenOffice.org 2.x
• Encryption:
  • Encrypted documents shouldn't have any non encrypted content
  • Improving the Encryption Implementation in OOo 3.2
  • Enhancing the Encryption Specification for ODF 1.2
  • Comply to the updated ODF 1.2 Encryption Specification in OOo 3.2
• Document Integrity:
  • ODF conformance clause
  • Check ODF integrity in OOo 3.2
  • Make sure OOo 3.2 would adhere to the ODF conformance clause

Open Discussions

Protecting the not encrypted manifest.xml in an encrypted document

Notes and Ideas - nothing we currently work on

Different ways of doing encryption and signatures

Public Key Document Encryption

Digital Rights Management

Digital Signatures Framework

Digital Signatures for Extensions

Other Pages

Frequently Asked Questions. Please help us improve the content by editing these pages.