Re: Which password cipher ?

To: "current-users%netbsd.org@localhost" <current-users%NetBSD.org@localhost>
Subject: Re: Which password cipher ?
From: Thor Lancelot Simon <tls%panix.com@localhost>
Date: Wed, 1 Dec 2010 18:07:39 -0500

On Thu, Dec 02, 2010 at 12:02:32AM +0100, Joerg Sonnenberger wrote:
> 
> It discusses some of the possible attack vectors. IMO we should make the
> Blowfish or SHA1 based cypher the default and not ask. The only case

Then it should be SHA1, because that's the only choice various standards
will allow (the only Approved underlying cryptographic algorithm).

The problem is NIS.  There interoperability is a real issue, and we
probably do need to ask.

-- 
  Thor Lancelot Simon                                        
tls%rek.tjls.com@localhost

  "We cannot usually in social life pursue a single value or a single moral
   aim, untroubled by the need to compromise with others."      - H.L.A. Hart

Follow-Ups:
- Re: Which password cipher ?
  - From: Joerg Sonnenberger

References:
- Which password cipher ?
  - From: Joel Carnat
- Re: Which password cipher ?
  - From: Steven Bellovin
- Re: Which password cipher ?
  - From: Joerg Sonnenberger

Prev by Date: Re: Which password cipher ?
Next by Date: Re: Which password cipher ?
Previous by Thread: Re: Which password cipher ?
Next by Thread: Re: Which password cipher ?
Indexes:

Home | Main Index | Thread Index | Old Index