itojun@iijlab.net writes:
> >My suggested algorithm is this:
> >	s = salt;	/* or s = hmac_sha512(site-specific-string, salt); */
> >	for (i = 0; i < num_iterations; i++)
> >		s = hmac_sha512(password, s);
> 
> 	hmm.  i see.  we should implement $2$ as openbsd does (there's no need
> 	to be different), and the above algorithm can become $3$.

the $3$ notion is probably an idea to mention on bsd-api-discuss...

--
Perry E. Metzger		perry@wasabisystems.com
--
NetBSD: The right OS for your embedded design. http://www.wasabisystems.com/