[Kolab-devel] caldav backend to calender plugin
Thomas Brüderli
bruederli at kolabsys.com
Mon Mar 24 15:27:16 CET 2014
Daniel Morlock wrote:
> Hi Thomas,
>
> sorry I forgot your point about the password encryption. Michael
> Rasmussen suggested to use the mcrypt based methods described here:
> http://stackoverflow.com/questions/5089841/php-2-way-encryption-i-need-to-store-passwords-that-can-be-retrieved
> instead of the native rcube::encrypt, rcube::decrypt methods that are
> based on DES which "is ... considered to be insecure for many
> applications" (http://en.wikipedia.org/wiki/Data_Encryption_Standard).
I assumed something like that. But the fine way to deal with this would
be to "fix" the weak encryption in Roundcube core. An according feature
request is filed now: http://trac.roundcube.net/ticket/1489719
>
> Please note that I'm not a crypto-specialist, so feel free to correct me
> if I'm wrong =)
Me neither. But see above.
~Thomas
More information about the devel
mailing list