author: Paul Kehrer <paul.l.kehrer@gmail.com> 2017-05-27 15:11:24 -0500
committer: Alex Gaynor <alex.gaynor@gmail.com> 2017-05-27 16:11:24 -0400
commit: afa84f10a2077b2365c30a133ae943e96c1c1ee8 (patch)
tree: b6fc79dbd407ee8a22718a09115b1e29303a2260
parent: 35acb37330e8d8e079b19d9fde2e16003f0defab (diff)
strongly encourage the use of fernet, document its limitation (#3623)
-rw-r--r-- docs/fernet.rst 7
-rw-r--r-- docs/hazmat/primitives/symmetric-encryption.rst 3
2 files changed, 10 insertions, 0 deletions
diff --git a/docs/fernet.rst b/docs/fernet.rst
index 0c1eb43d..65f70cf4 100644
--- a/docs/fernet.rst
+++ b/docs/fernet.rst
@@ -163,6 +163,13 @@ Specifically it uses:
For complete details consult the `specification`_.
+Limitations
+-----------
+
+Fernet is ideal for encrypting data that easily fits in memory. As a design
+feature it does not expose unauthenticated bytes. Unfortunately, this makes it
+generally unsuitable for very large files at this time.
+
.. _`Fernet`: https://github.com/fernet/spec/
.. _`specification`: https://github.com/fernet/spec/blob/master/Spec.md
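Review bot: The new "Limitations" paragraph states that Fernet is "generally unsuitable for very large files" but never connects that to the preceding sentence or tells the reader what to do about it. Consider spelling out the link: because Fernet "does not expose unauthenticated bytes", the whole token has to be verified before any plaintext is returned, so the complete message must be held in memory. A short pointer to where a reader with large files should look next would also help, since as written the section ends on the problem. "Very large" and "easily fits in memory" are left to the reader's judgement; a brief qualifier such as "relative to available memory" would make the guidance less open to misreading.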
diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst
index e99c2c0a..8b047b8c 100644
--- a/docs/hazmat/primitives/symmetric-encryption.rst
+++ b/docs/hazmat/primitives/symmetric-encryption.rst
@@ -16,6 +16,9 @@ decrypt them.
For this reason it is **strongly** recommended to combine encryption with a
message authentication code, such as :doc:`HMAC </hazmat/primitives/mac/hmac>`,
in an "encrypt-then-MAC" formulation as `described by Colin Percival`_.
+``cryptography`` includes a recipe named :doc:`/fernet` that does this for you.
+**To minimize the risk of security issues you should evaluate Fernet to see if
+it fits your needs before implementing anything using this module.**
.. class:: Cipher(algorithm, mode, backend)
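Review bot: The bold recommendation is appended to the end of the existing encrypt-then-MAC paragraph, where it is easy to skim past even in bold; since it is the main guidance of this page, consider setting it off as its own paragraph or as a note or warning admonition ahead of the `Cipher` class entry. In "a recipe named :doc:`/fernet` that does this for you", the antecedent of "this" is a few clauses back; "that performs authenticated encryption for you" or similar would read more clearly. Because the same commit adds a "Limitations" section to the Fernet docs, "see if it fits your needs" could point at that section so readers know what to evaluate.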