From 349ed79b4c480770c5af234403ca54c5f14124a4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rodolphe=20Br=C3=A9ard?= Date: Sun, 25 Feb 2024 23:05:22 +0100 Subject: [PATCH] Update the readme --- README.md | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 4d82488..4728b49 100644 --- a/README.md +++ b/README.md @@ -27,17 +27,12 @@ Although this crate aim to reduce the risk of misuse, it is still possible to us ## Should I use this crate? -No, absolutely not. It doesn't even work yet. +Although it may work, some parts are not stabilized yet. Expect breaking change that may result in the total loss of previously encrypted data. ## Why should I use this crate instead of a symmetric encryption function? -Cryptography is hard. Even if you have some knowledge about this topic and pay attention not no mess up, you will eventually mess-up anyway. - -Seriously, this crate is designed to prevent some of the most common pitfalls. If you don't see why you need this crate, you probably don't see those pitfalls and you will fall into it. - -## Why is the context so important? - -When correctly used, it prevents from a confused deputy attack. Chose wisely. +1. Strong algorithms only. If you don't know which one to chose, Coffio provides strong defaults. +2. Key management is hard. Coffio largely simplifies it in a way it becomes largely accessible. ## Why has this crate not been audited by a security professional?