Subject: Re: PROPOSAL: adding capability for blowfish passwords
To: Steven M. Bellovin <>
From: Andrew Brown <>
List: current-users
Date: 05/24/2002 13:49:47
>>> 	hmm.  i see.  we should implement $2$ as openbsd does (there's no need
>>> 	to be different), and the above algorithm can become $3$.
>>the $3$ notion is probably an idea to mention on bsd-api-discuss...
>My personal preference would be $hmac-sha512$, but I'm not dogmatic 
>about that.

imho, that makes *so* much more sense than the 2 minutes of obscurity
a given number gives you...

...unless we wanted to get crazy and start putting things like
"hmac-sha512@NetBSD" in there to imply a "vendor specific" nature to
the algorithm.

|-----< "CODE WARRIOR" >-----|             * "ah!  i see you have the internet (Andrew Brown)                that goes *ping*!"       * "information is power -- share the wealth."