PKWare and Winzip Reach A Secure Zip Compromise
richard_za writes "Until now the rival compression software vendors PKWare and Winzip have had different (incompatible) ways of password protecting the ZIP format. In a bid to prevent fragmentation of the standard they have agreed to have their software support opening of the other's files. They have however not agreed to support a single standard. PKZip's encryption is RSA-based while Winzip use an AES approach which is fully documented here.
The Register is running this story. PKWare has this press release."
if either program opens the others files the user wont (and shouldn't have to) give a shit which method is used.
"As long as it works"
You can't expect to wield supreme executive power, just because some watery tart threw a sword at you
Zip file management has virtually been absorbed into both Windows and Linux, and even if these two vendors agreed on a standard it would not mean much. PKzip became irrelevant when Infozip's portable zip tool became widely available, around 15 years ago. Further, all archiving tools today already deal with such a variety of formats that I can't see the crying need for a standard.
Ceci n'est pas une signature
There is still a problem with interoperability at the level of creating encrypted ZIP files. There is no longer a problem with interoperability at the level of reading encrypted ZIP files. The best way for this problem to go away would be for PKWARE to expand the SecureZIP standard to include RSA and AES encryption.
As plugins to existing applications are so popular these days, I see this issue as an irrelevance.
/path -Bxvf -
Both sides are competing using incompatible creeping featurism. Last I looked, Zip applications where supposed to combine and squash files (and that was enough).
What should be done is to separate the operations:
- file browsing (WinRAR's interface trumps both)
- archiving (combining files)
- compression
- encryption
and implement the latter three as functions of the first using plugins (and let the user choose).
Incidentally, Zip's file format (directory last) sucks. It is practically impossible to do the following using zip:
tar Bcf - . | gzip -1c | rsh -n over_there gzip -dc | tar -C
To this end, plugins suggested above should be written as filters where possible.
I have no problem with browser-like interfaces combining other functions, but the Golden Rule still stands: One Tool, One Job.