Mention that the timestamp is plaintext

author: Alex Gaynor <alex.gaynor@gmail.com> 2013-12-17 20:43:59 -0800
committer: Alex Gaynor <alex.gaynor@gmail.com> 2013-12-17 20:43:59 -0800
commit: 05515723738870170b05b47ee260564b9ebe62f9 (patch)
tree: 024718bc10746a673830bad8d255ade6f8904837 /docs/fernet.rst
parent: 0d0896319f59fe7b03d8ef6a153275f87816976b (diff)
download: cryptography-05515723738870170b05b47ee260564b9ebe62f9.tar.gz
cryptography-05515723738870170b05b47ee260564b9ebe62f9.tar.bz2
cryptography-05515723738870170b05b47ee260564b9ebe62f9.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/docs/fernet.rst b/docs/fernet.rst
index 0122e364..a47ae2e3 100644
--- a/docs/fernet.rst
+++ b/docs/fernet.rst
@@ -39,7 +39,10 @@ using it cannot be manipulated or read without the key.
         :param bytes plaintext: The message you would like to encrypt.
         :returns bytes: A secure message which cannot be read or altered
                         without the key. It is URL-safe base64-encoded. This is
-                        refered to as a "Fernet token".
+                        refered to as a "Fernet token". Note that this *does*
+                        contain the current time when it was generated in
+                        plaintext, the time a message was created will
+                        therefore be visible to a possible attacker.
 
     .. method:: decrypt(token, ttl=None)
author	Alex Gaynor <alex.gaynor@gmail.com>	2013-12-17 20:43:59 -0800
committer	Alex Gaynor <alex.gaynor@gmail.com>	2013-12-17 20:43:59 -0800
commit	05515723738870170b05b47ee260564b9ebe62f9 (patch)
tree	024718bc10746a673830bad8d255ade6f8904837 /docs/fernet.rst
parent	0d0896319f59fe7b03d8ef6a153275f87816976b (diff)
download	cryptography-05515723738870170b05b47ee260564b9ebe62f9.tar.gz cryptography-05515723738870170b05b47ee260564b9ebe62f9.tar.bz2 cryptography-05515723738870170b05b47ee260564b9ebe62f9.zip