Seth Arnold <[EMAIL PROTECTED]> writes: > * lantz moore <[EMAIL PROTECTED]> [010403 14:16]: > > i was just pointing out that if someone does use someone else's name/email > > as their password, temporary confusion will ensue. > > If you can figure out how to get an email address + user-supplied random > data (even if not very random :) + server-supplied random data > (important to be random) out of a single md5/sha1 hash, then hats off to > you. :)
that is true, however, i don't believe that is relevant to the particular proposal that was being discussed: peter karlsson <[EMAIL PROTECTED]> writes: > Standard procedure to do secret votes in other communities where secret > electronic votes[1] have been wished has been for each voter to supply > their own secret password (any alphanumeric string), which was then > published along with the vote. Those wishing to be non-anonymous > usually supplied their name and address as password. the "secret key" is not necessarily a hashed value but is "any alphanumeric string." this is a key point wrt my earlier comments. i apologize if i wasn't clear enough. -l
