On Wed, 2007-08-22 at 13:42 -0700, Alan Wright wrote:
> > The case timer was extended to 8/29/2007 during today's meeting due to
> > outstanding unanswered questions.  
> > 
> > Specifically, the questions I asked on 8/15 have not yet been answered,
> > and Gary's discussion hadn't converged.
> 
> I think the discussion with Gary has converged. 

Gary said otherwise during the meeting today.

>  I'm sure Gary
> will correct me if I've misinterpreted but we seem to be
> aligned on both the auditing and RBAC requirements.  Updated
> NDMP documents should be out either today or tomorrow.
> 
> The general opinion seemed to be that adding two-way encryption
> to the read-protected password property wasn't worthwhile for this
> case.  I thought this issue was closed.

No, it's not closed.  See my message dated 15 Aug 2007 10:51:39 -0400; 
the current password-in-files policy says that if you're storing a
password you need at the very least some sort of reversible obfuscation
to protect against shoulder-surfing-the-admin attacks.

>  having
> separate, per algorithm keys in this case may give the perception
> of added security but, in order to allow clients to negotiate
> either option, the keys would have to be set to the same value.

Well, that's not immediately clear to me, but before we go back down
this path, can you answer the question I asked in my message dated 
Wed, 15 Aug 2007 15:54:57 -0400:

   It might affect my views if I had a better idea of the fraction of
   clients out there which only do plaintext passwords.  If nobody did
   cram-md5, this would be irrelevant.  If everyone did cram-md5, we
   wouldn't need to support plaintext passwords.  But is it 90-10, 
   50-50, or what?

I need that information to evaluate your proposal.  I don't have it.

                                - Bill
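The thread turns on one mechanical fact that neither message spells out: a plaintext-password login can be checked against a one-way hash, but a challenge-response scheme such as CRAM-MD5 needs the server to recover the cleartext password (or an equivalent keyed state) at verification time, so a server that lets clients negotiate either method must keep the password in a reversible form. The following Python is an added illustration, not code from this thread, from NDMP, or from any of the participants; the XOR-based obfuscation, the hypothetical key name OBFUSCATION_KEY, and the RFC 2195-style CRAM-MD5 exchange are assumptions chosen to show the mechanism, and the obfuscation stands in for the "reversible obfuscation" the policy text refers to, which only prevents a password from being read at a glance.

```python
import base64
import hashlib
import hmac
import secrets

# Hypothetical obfuscation key, constructed for this example. It is not a
# secret in any cryptographic sense: this step only stops a password from
# being read at a glance out of a configuration file.
OBFUSCATION_KEY = b"example-key-not-a-secret"


def _xor_with_key(data: bytes) -> bytes:
    """XOR data against the repeating obfuscation key (self-inverse)."""
    return bytes(b ^ OBFUSCATION_KEY[i % len(OBFUSCATION_KEY)] for i, b in enumerate(data))


def obfuscate(password: bytes) -> str:
    """Reversible storage: XOR-obfuscate, then base64 for a text config file."""
    return base64.b64encode(_xor_with_key(password)).decode("ascii")


def deobfuscate(stored: str) -> bytes:
    """Recover the cleartext password from its obfuscated form."""
    return _xor_with_key(base64.b64decode(stored))


def hash_password(password: bytes, salt: bytes, rounds: int = 100_000) -> str:
    """One-way storage: PBKDF2-HMAC-SHA256. The password cannot be recovered."""
    dk = hashlib.pbkdf2_hmac("sha256", password, salt, rounds)
    return f"{salt.hex()}${rounds}${dk.hex()}"


def verify_plaintext_against_hash(stored_hash: str, submitted: bytes) -> bool:
    """Plaintext login: rehash what the client sent and compare in constant time.
    Works with one-way storage because the client supplies the password."""
    salt_hex, rounds, dk_hex = stored_hash.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", submitted, bytes.fromhex(salt_hex), int(rounds))
    return hmac.compare_digest(dk.hex(), dk_hex)


def make_challenge(nbytes: int = 16) -> bytes:
    """Server side: fresh random challenge for each authentication attempt."""
    return secrets.token_bytes(nbytes)


def cram_md5_response(password: bytes, challenge: bytes) -> str:
    """Client side of CRAM-MD5 (RFC 2195 style): hex(HMAC-MD5(password, challenge)).
    The password itself never crosses the wire."""
    return hmac.new(password, challenge, hashlib.md5).hexdigest()


def verify_cram_md5(stored_obfuscated: str, challenge: bytes, response: str) -> bool:
    """Server side of CRAM-MD5: the server must reproduce the client's HMAC,
    which requires the cleartext password. A one-way hash cannot do this,
    which is why the stored form has to be reversible."""
    password = deobfuscate(stored_obfuscated)
    expected = cram_md5_response(password, challenge)
    return hmac.compare_digest(expected, response)


def verify_plaintext_against_obfuscated(stored_obfuscated: str, submitted: bytes) -> bool:
    """Plaintext login checked against the same reversible record, so one
    stored value serves both negotiable methods."""
    return hmac.compare_digest(deobfuscate(stored_obfuscated), submitted)


if __name__ == "__main__":
    password = b"s3cret-example"          # constructed sample password
    record = obfuscate(password)          # what a config file would hold
    challenge = make_challenge()
    response = cram_md5_response(password, challenge)
    print("CRAM-MD5 accepted:", verify_cram_md5(record, challenge, response))
    print("plaintext accepted:", verify_plaintext_against_obfuscated(record, password))
```

The two verify functions for the obfuscated record read the same stored value, which is the concrete reason a server offering both methods ends up with a single reversible secret rather than separate per-method credentials. Whether that reversible form should be obfuscation or real encryption under a managed key is the policy question the thread is arguing; the code only shows why a one-way hash is not an option once CRAM-MD5 is on the table.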