On 18 Dec 2009 at 1:13, shyam_i...@dell.com wrote:
-Original Message-
From: open-iscsi@googlegroups.com [mailto:open-is...@googlegroups.com]
On Behalf Of Ulrich Windl
Sent: Wednesday, December 16, 2009 1:08 PM
To: open-iscsi@googlegroups.com
Subject: Re: minimum password
-Original Message-
From: open-iscsi@googlegroups.com [mailto:open-is...@googlegroups.com]
On Behalf Of Ulrich Windl
Sent: Friday, December 18, 2009 3:24 PM
To: open-iscsi@googlegroups.com
Subject: RE: minimum password length check
On 18 Dec 2009 at 1:13, shyam_i...@dell.com wrote
-Original Message-
From: open-iscsi@googlegroups.com [mailto:open-is...@googlegroups.com]
On Behalf Of Ulrich Windl
Sent: Thursday, December 17, 2009 1:27 PM
To: open-iscsi@googlegroups.com
Subject: RE: minimum password length check
On 17 Dec 2009 at 0:55, shyam_i...@dell.com
On 17 Dec 2009 at 16:08, shyam_i...@dell.com wrote:
-Original Message-
From: open-iscsi@googlegroups.com [mailto:open-is...@googlegroups.com]
On Behalf Of Ulrich Windl
Sent: Thursday, December 17, 2009 1:27 PM
To: open-iscsi@googlegroups.com
Subject: RE: minimum password
-Original Message-
From: open-iscsi@googlegroups.com [mailto:open-is...@googlegroups.com]
On Behalf Of Ulrich Windl
Sent: Wednesday, December 16, 2009 1:08 PM
To: open-iscsi@googlegroups.com
Subject: Re: minimum password length check
On 15 Dec 2009 at 22:47, shyam_i...@dell.com
-Original Message-
From: open-iscsi@googlegroups.com [mailto:open-is...@googlegroups.com]
On Behalf Of Ulrich Windl
Sent: Wednesday, December 16, 2009 1:08 PM
To: open-iscsi@googlegroups.com
Subject: Re: minimum password length check
On 15 Dec 2009 at 22:47, shyam_i...@dell.com
shyam_i...@dell.com wrote:
So I guess we should do some thing like this
If (check_96bit_entropy(secret) secret AUTH_MAX_STR_LEN) {
Use_secret
}
else {
Secret not strong enough ..throw error...
}
We do not check. The only problem would be if we added one now
On 17 Dec 2009 at 0:55, shyam_i...@dell.com wrote:
Essentially what you are saying is that we haven't implemented the
secret's bit randomness calculation to check if has atleast 96bits of
entropy.
No, I just wanted to point out that the quality of a secret key cannot simply
be
measured