You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In #36 (comment), it was mentioned again that Transit <v0.6.2 convergent encryption keys are weak (and the v2 convergent encryption scheme was as well, though less so). We should consider fully removing support for these operations so we can avoid a repeat of the vulnerability that occurred as a result of this old code paths being supported.
This probably warrants a bigger discussion about deprecation paths. This version is very old, upstream has not supported it for years, but yet the one-shot upgrade path (and necessity to decrypt existing data and prevent workflow breakage) has caused support to remain.
The text was updated successfully, but these errors were encountered:
In #36 (comment), it was mentioned again that Transit <v0.6.2 convergent encryption keys are weak (and the v2 convergent encryption scheme was as well, though less so). We should consider fully removing support for these operations so we can avoid a repeat of the vulnerability that occurred as a result of this old code paths being supported.
This probably warrants a bigger discussion about deprecation paths. This version is very old, upstream has not supported it for years, but yet the one-shot upgrade path (and necessity to decrypt existing data and prevent workflow breakage) has caused support to remain.
The text was updated successfully, but these errors were encountered: