Opened 12 years ago
Closed 9 years ago
#7704 closed task (wontfix)
refactor dojox.sql
Reported by: | Adam Peller | Owned by: | Tom Trenka |
---|---|---|---|
Priority: | high | Milestone: | future |
Component: | Dojox | Version: | 1.2beta |
Keywords: | Cc: | Jared Jurkiewicz, Brad Neuberg | |
Blocked By: | Blocking: |
Description (last modified by )
Filed new ticket for the dojox.storage dependency (see #8765)
Once that is taken care of, if only dojox.off depends on dojox.sql, I suggest we pull the code into the off subproject, since it does not seem to merit a standalone subproject nor is it drawing any activity or contributions.
Change History (11)
comment:1 Changed 12 years ago by
comment:3 Changed 12 years ago by
and shouldn't the crypto code live in dojox.encoding with Dojo's other crypto code?
comment:4 Changed 12 years ago by
Milestone: | tbd → 1.3 |
---|---|
Owner: | changed from dante to Tom Trenka |
per discussion with brad and ttrenka, it looks like we should move the crypto code to dojox.encoding, remove the dojox.storage dependency on dojox.sql, and move the remaining module into dojox.off.
comment:5 Changed 12 years ago by
Summary: | dojox.sql needs a README → refactor dojox.sql |
---|
comment:6 Changed 12 years ago by
Cc: | Jared Jurkiewicz Brad Neuberg added |
---|---|
Type: | defect → task |
comment:7 Changed 12 years ago by
Milestone: | 1.3 → 1.4 |
---|
lets give dojox some structure for 1.4 preparing for a breakout of cycle.
comment:8 Changed 12 years ago by
Resolution: | → wontfix |
---|---|
Status: | new → closed |
So in working on other AES implementations, I noticed that the implementation in dojox.sql will, in general, only work for itself; it uses a nonce for an initialization vector and includes that (with a "-" delimiter for ciphertext blocks) along with the ciphertext.
The problem with this is that it's highly non-standard (though a suggested security fix), and that means it will not play well with other implementations of AES. In addition, since there may or may not be existing local storages that already contain encrypted text based on this code, we really can't remove it or alter it at all.
Because of that, I'm closing out this ticket as "wontfix" :(
comment:9 Changed 12 years ago by
Description: | modified (diff) |
---|---|
Resolution: | wontfix |
Status: | closed → reopened |
comment:10 Changed 11 years ago by
Milestone: | 1.4 → future |
---|
comment:11 Changed 9 years ago by
Resolution: | → wontfix |
---|---|
Status: | reopened → closed |
Sorry Adam...don't think we're coming back to this, and I doubt it will be included in the 2.x line of DTK. Reclosing as "wontfix".
and if there's a CLA in place, do we really need a LICENSE file?