Subject: Re: PROPOSAL: adding capability for blowfish passwords
To: Sean Davis <dive-nb@endersgame.net>
From: Lubomir Sedlacik <salo@Xtrmntr.org>
List: current-users
Date: 05/23/2002 15:37:03

hi,

my $.02

On Thu, May 23, 2002 at 07:42:07AM -0400, Sean Davis wrote:
> On Thu, May 23, 2002 at 07:35:12AM -0400, Steven M. Bellovin wrote:
> > In my opinion, there's no technical reason to do it.  If you want to
> > add a new scheme, SHA512 would be a much better choice.  The only
> > reason I can see is password file compatibility with OpenBSD.
>
> That is the main reason it seems like a useful idea to me,
>
> [...]

well, if someone is going to add a new algorithm i am for adding support
for blowfish too, if nothing else just for compatibility with OpenBSD
password files.  SHA512 is ok for me.

> > First, passwords are not "encrypted", they're *hashed*.  That is,
> > encryption has the property that it's reversible; one can go from the
> > ciphertext to the plaintext.  The password scheme is by intent
> > irreversible (see the Morris and Thompson paper in the November 1979
> > issue of CACM -- which, come to think of it, might be in the
> > newly-freed Unix documents) for more details on the design.

this one?

 Password Security:  A Case History Encryption Computing

  Robert Morris
  Ken Thompson

  April 3, 1978


regards,

-- 
-- Lubomir Sedlacik <salo@Xtrmntr.org>   ASCII Ribbon campaign against  /"\ --
--                  <salo@silcnet.org>   e-mail in gratuitous HTML and  \ / --
--                                       Microsoft proprietary formats   X  --
-- PGPkey: http://Xtrmntr.org/salo.pgp                                  / \ --
-- Key Fingerprint: DBEC 8BEC 9A90 ECEC 0FEF  716E 59CE B70B 7E3B 70E2      --
