New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Deprecate the ability to encrypt posts #1547
Comments
We are aware of the issues connected with this misfeature. It was (probably) inspired by WordPress, which has the comfort of being able to do it with dynamic pages and a database. Putting up some big and scary warnings now. One day, the thing should be disabled altogether. |
I have some comments on that:
So instead of deprecating the feature, I'd suggest to:
Cheers, |
The Introduced here: http://ralsina.me/weblog/posts/the-password-is-password-follow-the-link-to-see-what-i-mean.html I found a total of two actual posts using this feature all over the Internet. (not posting links here for the safety of those people) |
In that case, deprecating it seems fine, and leaving improving the thing (by using another cipher, such as ChaCha20, and some kind of MAC) to later in case there's more interest in using the feature. |
There is no way to implement this in a safe and secure manner, specially since you'd need to find two implementations of whatever crypto system you prefer, one in JS and one in Python, which are mutually inteligible and both safe. OTOH this is meant for things like "use this password to read this review, it has spoilers" rather than "here are the diagrams to my secret terror weapon, don't tell anyone". The feature not being in other SSGs is hardly important, and as long as it breaks nothing (and it doesn't) I don't see why it needs removing. Unless you actually use it, it will do nothing to your output. |
OTOOH I could reimplement this as a restructured text directive which is niftier and would allow it to be a plugin cleanly. |
I tried to use it once. I think to create two views of my blog, for different groups of people. It did not work out very well for some reason, so I removed the pages instead. I think initially I tried it also for general access control, but then ran into some kind of wall. Thus I went with HTTP Basic authentication instead. I manage it through (manually set up) Mercurial post-receive hooks. The result looks a lot more technical and ugly than an in-page password field might, is not very nice to setup, but it was ok for my usecase. |
For hiding spoilers, people should simply use white-on-white text and tell users to mark the spoilerish part of the page. |
It appears that there's an option to encrypt posts using a password, I suggest that this option should be deprecated for a number of reasons:
I've also quickly skimmed a couple other static site generators, namely (Jekyll, Hyde, Hakyll and Frozen-flask) and I don't think they offer an option to encrypt posts.
[1] http://blogs.technet.com/b/srd/archive/2013/11/12/security-advisory-2868725-recommendation-to-disable-rc4.aspx
[2] http://www.wisdom.weizmann.ac.il/~itsik/RC4/rc4.html
[3] https://tools.ietf.org/html/draft-ietf-tls-prohibiting-rc4-01
[4] http://security.stackexchange.com/a/18198
[5] http://matasano.com/articles/javascript-cryptography/
The text was updated successfully, but these errors were encountered: