Jonathan Ellis wrote:
Makes me feel that there is actually a roadmap somewhere? Or is it just the mailing archive.We should probably use http://www.mindrot.org/projects/jBCrypt/. (Lots of background: http://chargen.matasano.com/chargen/2007/9/7/enough-with-the-rainbow-tables-what-you-need-to-know-about-s.html)We kind of have a nagging feeling though that rolling our own auth framework in 2010 is the wrong approach.
./Morten
