mirror of https://github.com/docker/cli.git
15535d4594
> Legacy PEM encryption as specified in RFC 1423 is insecure by design. Since > it does not authenticate the ciphertext, it is vulnerable to padding oracle > attacks that can let an attacker recover the plaintext From https://go-review.googlesource.com/c/go/+/264159 > It's unfortunate that we don't implement PKCS#8 encryption so we can't > recommend an alternative but PEM encryption is so broken that it's worth > deprecating outright. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> |
||
---|---|---|
.. | ||
command | ||
compose | ||
config | ||
connhelper | ||
context | ||
debug | ||
flags | ||
manifest | ||
registry/client | ||
streams | ||
trust | ||
version | ||
winresources | ||
cobra.go | ||
cobra_test.go | ||
error.go | ||
required.go | ||
required_test.go |