Package: apg
Version: 2.2.3.dfsg.1-4
Severity: important

Dear Maintainer,

This password generator, build upon a NIST-document from 1993 (which itself is based upon an older offline paper), should probably be reevaluated or contain a big fat warning, since the documents on which it's based are retracted by NIST because "are obsolete and are being withdrawn because they have not been updated to
reference current or revised voluntary industry standards, federal
specifications, or federal data standards."

I don't know if there's anything wrong with the document or this algorithm within the password generator itself or if it's simply a fact of people not having paid
a close look in recent years.

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.8.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages apg depends on:
ii  libc6  2.24-8

apg recommends no packages.

apg suggests no packages.

-- no debconf information

Reply via email to