Hey Marc.
On Tue, 2024-08-20 at 18:18 +0200, Marc Haber wrote: > This has been three years ago. Are you still interested in > contributing? I kind of oversaw your final reply. Still unsure what we should do, though. As I've said previously, may concerns are a bit vague and I don't want to badmouth apg, when maybe some of the points I was thinking about are not even valid. What about: - mentioning that pronounceable passwords may be less secure - mentioning for the MUST options, that it is not understood by the maintainers of this Debian package, whether the MUST-ones may even reduce security, and refering to this bug? - mentioning that apg is no longer maintained - suggesting diceware Perhaps in some general CAVEATS section in the manpage? Cheers, Chris.
