URL: https://github.com/freeipa/freeipa/pull/317
Title: #317: Unify password generation across FreeIPA

simo5 commented:
@stlaz SHA-1 DOES NOT add entropy at all, you need the right number of bits in 
INPUT for whatever trasformation you use.
@mbasti-rh in what way FIPS is incompatible with base64 encoding ?
@stlaz  spaces may cause issues in some places where passwords are stored in 
files or passed (annoyingly) as shell arguments, soit is safer to avoid them in 
the final output, and given the way the code deal with space that would also 
simplify the random generator and avoid the bias on 1st and last charcter of 
the password.

See the full comment at 
Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to