At least the key derivation function isn't as bad as I feared. It might not be standardized but it isn't obviously bad.
An update to warn about a password that contains non-cp1252 characters feels appropriate to me. (Refusing to use non-cp1252 characters less so, but I don't feel strongly about this.)
If one of you does prepare a patch to address this, please do coordinate with the Debian maintainer -- if Debian is the closest there is to upstream, it'd be best to get the patch as high as possible.
Ross, Felix, David, thanks for the feedback.
At least the key derivation function isn't as bad as I feared. It might not be standardized but it isn't obviously bad.
An update to warn about a password that contains non-cp1252 characters feels appropriate to me. (Refusing to use non-cp1252 characters less so, but I don't feel strongly about this.)
If one of you does prepare a patch to address this, please do coordinate with the Debian maintainer -- if Debian is the closest there is to upstream, it'd be best to get the patch as high as possible.
Thanks