Skip to content

Add caveats section in the doc of crypto #3479

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
shigeki wants to merge 7 commits into from
Closed

Add caveats section in the doc of crypto #3479

shigeki wants to merge 7 commits into from

Conversation

@shigeki
Copy link
Contributor

@shigekishigeki commented Oct 22, 2015

This is originally from nodejs/node-v0.x-archive#25564.

This adds caveats section in the crypto api documentation to notify users of the risks of weak algorithms and small keys and revises examples to use safe ones.

Fix: #3406

Shigeki Ohtsuand others added 5 commits October 22, 2015 11:06
doc: add caveats of algs and key size in crypto
e4ef21e
Add description of user responsibility in the choice of cypto algorithms and its key length. Some of recommendations for the safer use are also described.
@thinred
change "more than" to "at least"
875f6ab
@thinred
update getDiffieHellman docs
3db5f4f
docs: remove md5 and sha1 in crypto example
bbe1076
@thinred
sha1 -> sha265
220a635
jasnell
jasnell reviewed Oct 22, 2015
View reviewed changes
doc/api/crypto.markdown Outdated
Copy link
Member

@jasnelljasnellOct 22, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"... that are considered to be too weak for safe use."

@jasnell
Copy link
Member

jasnell commented Oct 22, 2015

Looks good in general but a few nits.

@shigeki
Copy link
ContributorAuthor

shigeki commented Oct 22, 2015

@jasnell Thanks. I revised the doc and add a commit.

@brendanashworthbrendanashworth added crypto Issues and PRs related to the crypto subsystem. doc Issues and PRs related to the documentations. labels Oct 22, 2015
jasnell
jasnell reviewed Oct 22, 2015
View reviewed changes
doc/api/crypto.markdown Outdated
Copy link
Member

@jasnelljasnellOct 22, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"And the API also allows the use of ciphers and hashes with a" (replace to with the)

@jasnell
Copy link
Member

jasnell commented Oct 22, 2015

Thank you @shigeki ... just a few more I promise ;-). It's great that these recommendations are being updated!

@shigeki
Copy link
ContributorAuthor

shigeki commented Oct 22, 2015

@jasnell Thanks for reviewing. It is very helpful for me to correct my English. I appreciate that. The additional fix was made in db5b6e2. Commits will be squashed later.

@jasnell
Copy link
Member

jasnell commented Oct 22, 2015

LGTM! Thanks @shigeki !

@jasnell
Copy link
Member

jasnell commented Oct 22, 2015

@indutny ... any feedback before I land?

@jasnell
Copy link
Member

jasnell commented Oct 28, 2015

@indutny ... ping?

shigeki pushed a commit that referenced this pull request Nov 5, 2015
@jasnell
doc: add caveats of algs and key size in crypto
017fc5b
Add description of user responsibility in the choice of cypto algorithms and its key length. Some of recommendations for the safer use are also described. PR-URL: #3479 Reviewed-By: James M Snell <[email protected]>
@jasnell
Copy link
Member

jasnell commented Nov 5, 2015

Landed in 017fc5b

@jasnelljasnell closed this Nov 5, 2015
@Fishrock123Fishrock123 mentioned this pull request Nov 6, 2015
Closed
shigeki pushed a commit that referenced this pull request Nov 7, 2015
@rvagg
doc: add caveats of algs and key size in crypto
44f779b
Add description of user responsibility in the choice of cypto algorithms and its key length. Some of recommendations for the safer use are also described. PR-URL: #3479 Reviewed-By: James M Snell <[email protected]>
@Fishrock123Fishrock123 mentioned this pull request Nov 11, 2015
Merged
shigeki pushed a commit that referenced this pull request Nov 16, 2015
doc: add caveats of algs and key size in crypto
4a94c0a
Add description of user responsibility in the choice of cypto algorithms and its key length. Some of recommendations for the safer use are also described. PR-URL: #3479 Reviewed-By: James M Snell <[email protected]>
@MylesBorins
Copy link
Contributor

MylesBorins commented Nov 16, 2015

landed in lts-v4.x-staging as 4a94c0a

@rvaggrvagg mentioned this pull request Nov 17, 2015
Closed
shigeki pushed a commit that referenced this pull request Dec 4, 2015
@rvagg
doc: add caveats of algs and key size in crypto
28474ef
Add description of user responsibility in the choice of cypto algorithms and its key length. Some of recommendations for the safer use are also described. PR-URL: #3479 Reviewed-By: James M Snell <[email protected]>
@jasnelljasnell mentioned this pull request Dec 17, 2015
Closed
shigeki pushed a commit that referenced this pull request Dec 17, 2015
@jasnell
doc: add caveats of algs and key size in crypto
d1b5833
Add description of user responsibility in the choice of cypto algorithms and its key length. Some of recommendations for the safer use are also described. PR-URL: #3479 Reviewed-By: James M Snell <[email protected]>
shigeki pushed a commit that referenced this pull request Dec 23, 2015
@jasnell
doc: add caveats of algs and key size in crypto
b213559
Add description of user responsibility in the choice of cypto algorithms and its key length. Some of recommendations for the safer use are also described. PR-URL: #3479 Reviewed-By: James M Snell <[email protected]>
Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

cryptoIssues and PRs related to the crypto subsystem.docIssues and PRs related to the documentations.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@shigeki@jasnell@MylesBorins@brendanashworth@thinred