Package: qpdf
Version: 5.1.2-2
Severity: wishlist

Dear Maintainer,

The "--encrypt" command must be followed by this sequence of options:

   user-password owner-password key-length [restrictions] --

The owner-password is not for encryption, and only useful when
applying (the probably infrequent) use-case restrictions (which client
applications may optionally choose to enforce or disregard).

When unrestricted access to an encrypted document is needed, this
syntax encourages users to choose the same password for both the user
password and the owner password.  If I understand the PDF spec
correctly, it actually compromises security to have an owner password
because it's visible to the client application.  Well, I'm fuzzy on
that aspect.  But in any case, key-length should not come after
owner-password, and owner password should be among the optional
restrictions and pre-emptable by a --, so that a document may be
encrypted without usage restrictions.

Also, it would be useful if the defaults for these options were
documented somewhere:

--print=print-opt
--modify=modify-opt
--use-aes

The defaults are not documented in 'man qpdf', 'qpdf --help', or in
/usr/share/doc/qpdf.

Thanks.

-- System Information:
Debian Release: 8.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages qpdf depends on:
ii  libc6       2.19-18+deb8u1
ii  libgcc1     1:4.9.2-10
ii  libpcre3    2:8.35-3.3
ii  libqpdf13   5.1.2-2
ii  libstdc++6  4.9.2-10
ii  zlib1g      1:1.2.8.dfsg-2+b1

qpdf recommends no packages.

qpdf suggests no packages.

-- no debconf information
