Skip to content

Add caveats section in the doc of crypto #3479

Closed
shigeki wants to merge 7 commits intonodejs:masterfrom
shigeki:doc_crypto_caveats
Closed

Add caveats section in the doc of crypto #3479
shigeki wants to merge 7 commits intonodejs:masterfrom
shigeki:doc_crypto_caveats

Conversation

@shigeki
Copy link
Contributor

@shigeki shigeki commented Oct 22, 2015

This is originally from nodejs/node-v0.x-archive#25564.

This adds caveats section in the crypto api documentation to notify users of the risks of weak algorithms and small keys and revises examples to use safe ones.

Fix: #3406

Shigeki Ohtsu and others added 5 commits October 22, 2015 11:06
doc: add caveats of algs and key size in crypto
e4ef21e 
Add description of user responsibility in the choice of cypto
algorithms and its key length. Some of recommendations for the safer
use are also described.
@thinred
change "more than" to "at least"
875f6ab
@thinred
update getDiffieHellman docs
3db5f4f
docs: remove md5 and sha1 in crypto example
bbe1076
@thinred
sha1 -> sha265
220a635
jasnell
jasnell reviewed Oct 22, 2015
View reviewed changes
doc/api/crypto.markdown Outdated
Copy link
Member

@jasnell jasnell Oct 22, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"... that are considered to be too weak for safe use."

@jasnell
Copy link
Member

jasnell commented Oct 22, 2015

Looks good in general but a few nits.

@shigeki
Copy link
Contributor Author

shigeki commented Oct 22, 2015

@jasnell Thanks. I revised the doc and add a commit.

@brendanashworth brendanashworth added crypto Issues and PRs related to the crypto subsystem. doc Issues and PRs related to the documentations. labels Oct 22, 2015
jasnell
jasnell reviewed Oct 22, 2015
View reviewed changes
doc/api/crypto.markdown Outdated
Copy link
Member

@jasnell jasnell Oct 22, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"And the API also allows the use of ciphers and hashes with a" (replace to with the)

@jasnell
Copy link
Member

jasnell commented Oct 22, 2015

Thank you @shigeki ... just a few more I promise ;-). It's great that these recommendations are being updated!

@shigeki
Copy link
Contributor Author

shigeki commented Oct 22, 2015

@jasnell Thanks for reviewing. It is very helpful for me to correct my English. I appreciate that. The additional fix was made in db5b6e2. Commits will be squashed later.

@jasnell
Copy link
Member

jasnell commented Oct 22, 2015

LGTM! Thanks @shigeki !

@jasnell
Copy link
Member

jasnell commented Oct 22, 2015

@indutny ... any feedback before I land?

@jasnell
Copy link
Member

jasnell commented Oct 28, 2015

@indutny ... ping?

shigeki pushed a commit that referenced this pull request Nov 5, 2015
@jasnell
doc: add caveats of algs and key size in crypto
017fc5b 
Add description of user responsibility in the choice of cypto
algorithms and its key length. Some of recommendations for the safer
use are also described.

PR-URL: #3479
Reviewed-By: James M Snell <jasnell@gmail.com>
@jasnell
Copy link
Member

jasnell commented Nov 5, 2015

Landed in 017fc5b

@jasnell jasnell closed this Nov 5, 2015
@Fishrock123 Fishrock123 mentioned this pull request Nov 6, 2015
Closed
shigeki pushed a commit that referenced this pull request Nov 7, 2015
@rvagg
doc: add caveats of algs and key size in crypto
44f779b 
Add description of user responsibility in the choice of cypto
algorithms and its key length. Some of recommendations for the safer
use are also described.

PR-URL: #3479
Reviewed-By: James M Snell <jasnell@gmail.com>
@Fishrock123 Fishrock123 mentioned this pull request Nov 11, 2015
Merged
shigeki pushed a commit that referenced this pull request Nov 16, 2015
doc: add caveats of algs and key size in crypto
4a94c0a 
Add description of user responsibility in the choice of cypto
algorithms and its key length. Some of recommendations for the safer
use are also described.

PR-URL: #3479
Reviewed-By: James M Snell <jasnell@gmail.com>
@MylesBorins
Copy link
Contributor

MylesBorins commented Nov 16, 2015

landed in lts-v4.x-staging as 4a94c0a

@rvagg rvagg mentioned this pull request Nov 17, 2015
Closed
shigeki pushed a commit that referenced this pull request Dec 4, 2015
@rvagg
doc: add caveats of algs and key size in crypto
28474ef 
Add description of user responsibility in the choice of cypto
algorithms and its key length. Some of recommendations for the safer
use are also described.

PR-URL: #3479
Reviewed-By: James M Snell <jasnell@gmail.com>
@jasnell jasnell mentioned this pull request Dec 17, 2015
Closed
shigeki pushed a commit that referenced this pull request Dec 17, 2015
@jasnell
doc: add caveats of algs and key size in crypto
d1b5833 
Add description of user responsibility in the choice of cypto
algorithms and its key length. Some of recommendations for the safer
use are also described.

PR-URL: #3479
Reviewed-By: James M Snell <jasnell@gmail.com>
shigeki pushed a commit that referenced this pull request Dec 23, 2015
@jasnell
doc: add caveats of algs and key size in crypto
b213559 
Add description of user responsibility in the choice of cypto
algorithms and its key length. Some of recommendations for the safer
use are also described.

PR-URL: #3479
Reviewed-By: James M Snell <jasnell@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

crypto Issues and PRs related to the crypto subsystem. doc Issues and PRs related to the documentations.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@shigeki @jasnell @MylesBorins @brendanashworth @thinred