On 09-05-2009 11:43:14 +0200, Stefan de Konink wrote: > Fabian Groffen wrote: > > On 08-05-2009 19:54:38 +0200, Stefan de Konink wrote: > >> As already found in the news SHA-1 is advised to migrated off by 2010. I > >> would suggest SHA-2 in protocol 9. > > > > Which one of the SHA-2 family then? And is it really that important > > given that the store is still protected by a vaultkey? > > SHA-256; > > Is it important? For obvious reasons you choose not to use SHA-0 or MD5 > for prototol 9. Within that logic SHA-1 is actively being broken; thus I > would follow an advisory not to incorporate them in new software.
Which is ok with me, but just makes it a bad initial choice from my side, since this change will not be "convertable" from one to another. Not a problem for releases, but it is a problem for people depending on trunk at the moment ;) Perhaps we should make use of this and allow the DBA to configure what password backend to use, and have proto 9 automagically see what hash to use. This requires a bit more work, but saves us from an un-convertible upgrade in the future when SHA-2 is taken for weak as well. ------------------------------------------------------------------------------ The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your production scanning environment may not be a perfect world - but thanks to Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700 Series Scanner you'll get full speed at 300 dpi even with all image processing features enabled. http://p.sf.net/sfu/kodak-com _______________________________________________ Monetdb-developers mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/monetdb-developers
