Update notes on API changes for weak crypto

author: Jay Berkenbilt <ejb@ql.org> 2021-11-16 23:10:00 +0100
committer: Jay Berkenbilt <ejb@ql.org> 2021-11-19 21:20:12 +0100
commit: a63623adce8903724a8911ac3baaeb748610c24d (patch)
tree: bbc4a8385eb4f9953c958f6f71e6c408f88723cd /TODO
parent: f9fc57d24c539bed8e0ac0011dba6adec589a665 (diff)
download: qpdf-a63623adce8903724a8911ac3baaeb748610c24d.tar.zst
1 files changed, 6 insertions, 1 deletions
diff --git a/TODO b/TODO
index 39631885..4b205e1e 100644
--- a/TODO
+++ b/TODO
@@ -193,7 +193,12 @@ Comments appear in the code prefixed by "ABI"
     creation of files with insecure crypto. Maybe
     QPDFWriter::allowWeakCrypto. Call this when --allow-weak-crypto is
     passed and probably also when copying encryption by default from
-    an input file.
+    an input file. There should be some API change so that, when
+    people recompile with qpdf 11, their code won't suddenly stop
+    working. Getting this right will take careful consideration of the
+    developer and user experience. We don't want to create a situation
+    where exactly the same code fails to work in 11 but worked on 10.
+    See #576 for latest notes.
   * Change deterministic id to use something other than MD5 but allow
     the old way for compatibility -- maybe rename the method to force
     the developer to make a choice
author	Jay Berkenbilt <ejb@ql.org>	2021-11-16 23:10:00 +0100
committer	Jay Berkenbilt <ejb@ql.org>	2021-11-19 21:20:12 +0100
commit	a63623adce8903724a8911ac3baaeb748610c24d (patch)
tree	bbc4a8385eb4f9953c958f6f71e6c408f88723cd /TODO
parent	f9fc57d24c539bed8e0ac0011dba6adec589a665 (diff)
download	qpdf-a63623adce8903724a8911ac3baaeb748610c24d.tar.zst