mattosaurus
commented
1 year ago Yeah, I'm not sure if we want to change the default but adding in a note in the documentation is certainly a good idea.
Closed Liam-Rougoor closed 1 year ago
mattosaurus
commented
1 year ago Yeah, I'm not sure if we want to change the default but adding in a note in the documentation is certainly a good idea.
By default, PGPCore uses TripleDES for symmetric encryption.
TripleDES is being deprecated by some security instutions, like NIST and AES is a (superior?) successor to TripleDES.
Ideally, something like AES should be the default. However, changing the default would introduce a breaking change. I would suggest to at least update the docs to warn against TripleDES.