From 750aca5b94351f730fa768b07caa3fc26c8d27c0 Mon Sep 17 00:00:00 2001
From: Jay Berkenbilt <ejb@ql.org>
Date: Wed, 10 Nov 2021 17:57:12 -0500
Subject: First increment of improving handling of weak crypto (fixes #358)

---
 TODO | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'TODO')

diff --git a/TODO b/TODO
index c98179c3..39631885 100644
--- a/TODO
+++ b/TODO
@@ -187,6 +187,23 @@ Comments appear in the code prefixed by "ABI"
   before copying, though maybe we don't because it could cause
   multiple copies to be made...usually it's better to handle that
   explicitly.
+* Deal with weak cryptographic algorithms:
+  * Github issue #576
+  * Add something to QPDFWriter that you must call in order to allow
+    creation of files with insecure crypto. Maybe
+    QPDFWriter::allowWeakCrypto. Call this when --allow-weak-crypto is
+    passed and probably also when copying encryption by default from
+    an input file.
+  * Change deterministic id to use something other than MD5 but allow
+    the old way for compatibility -- maybe rename the method to force
+    the developer to make a choice
+  * Find other uses of MD5 and find the ones that are discretionary,
+    if any
+  * Have QPDFWriter raise an exception if it's about to write using
+    weak crypto and hasn't been given permission
+  * Search for --allow-weak-crypto in the manual and in qpdf.cc's help
+    information
+  * Update the ref.weak-crypto section of the manual
 
 Page splitting/merging
 ======================
-- 
cgit v1.2.3-70-g09d2