Follow-up Comment #6, bug #51666 (project wget): Thank you for your feedback.
Regarding the salt: I used one because OpenSSH uses one and that was both what the original bug report references, and written by somebody likely more experienced than me Re: security. If you want me to remove the salting or something I can do so. This version of the patch (only one this time, because there's little point in only separating adding the tests) has the following changes from the previous patchset: * Uses gnulib hashing functions instead of gnutls/openssl ones (Sorry, I didn't know gnulib had those!). * Fixes the interleaved versions duplicate entry thing. * Adds dependency on gnulib's crypto/gc and crypto/gc-random (not any crypto/gc-<hash algorithm>) to generate decent quality randomness for the salt. Seeing as the salt apparently isn't that important, I guess it could be switched to random_number if this is a problem. * In case someone does want to switch to crypto/gc-<hash algorithm> in the future (to easily add another hashing algorithm or something), the prefix was switched from 1 to 5 to match the value of GC_SHA256 in gc.h. (file #44848) _______________________________________________________ Additional Item Attachment: File name: 0001-Hash-domains-in-HSTS-database-to-improve-privacy.patch Size:25 KB _______________________________________________________ Reply to this item at: <http://savannah.gnu.org/bugs/?51666> _______________________________________________ Message sent via Savannah https://savannah.gnu.org/