Good clarification from @dstufft

commit: f7721aaaa14f789e911a61e5e946d618521920a9 [log] [tgz]
author: Alex Gaynor <alex.gaynor@gmail.com> Fri Feb 19 07:11:03 2016 -0500
committer: Alex Gaynor <alex.gaynor@gmail.com> Fri Feb 19 07:11:03 2016 -0500
tree: 545308e0857c0593797006dc89316efd615a46a4
parent: ebcd037216a422ac5ac314099c47cbae02705e4c [diff] [blame]
diff --git a/docs/security.rst b/docs/security.rst
index f937afb..1cc1273 100644
--- a/docs/security.rst
+++ b/docs/security.rst

@@ -28,8 +28,8 @@
 
 Examples of things we wouldn't consider security issues:
 
-* Offering ECB mode for symmetric encryption. Though ECB is critically weak, it
-  is documented as being weak in our documentation.
+* Offering ECB mode for symmetric encryption in the *Hazmat* layer. Though ECB
+  is critically weak, it is documented as being weak in our documentation.
 * Using a variable time comparison somewhere, if it's not possible to
   articulate any particular program in which this would result in problematic
   information disclosure.
commit	f7721aaaa14f789e911a61e5e946d618521920a9	[log] [tgz]
author	Alex Gaynor <alex.gaynor@gmail.com>	Fri Feb 19 07:11:03 2016 -0500
committer	Alex Gaynor <alex.gaynor@gmail.com>	Fri Feb 19 07:11:03 2016 -0500
tree	545308e0857c0593797006dc89316efd615a46a4
parent	ebcd037216a422ac5ac314099c47cbae02705e4c [diff] [blame]