This AuthMD5 is only a basic-auth authentication, the real MD5 comes with digest auth where the client encrypt its data in MD5 too...
However i check for cherrypy and it got multiple models for it but i think they're not as good as mine is because: 1) MultiAuth is external 2) I found another auth model that uses files, and i think that using authentication in a OO mode is better 3) Did i mismatch what AuthenAutorize means in http://www.turbogears.com/community/projects.html? Maybe it means "extend already existing authentication/authorization"... However take care of the opera fix please :) On 10/4/05, Krys Wilken <[EMAIL PROTECTED]> wrote: > > Well, it seems like you've done more research on this than I have. :-) > I was just raising the thought. I'm glad that you have checked up on > this. I stand corrected. > > For my project, I am probably going to keep using SHA256 because it's > already there, and because I think it is more future proof. But it's > nice to be able to still keep things simple for the common case. > > Thanks for the info! > > Krys > > [EMAIL PROTECTED] wrote: > > >by broken, you mean collision ? It only affects it as a content > >hash(theoretically), say for source distribution(even that is remote as > >the altered content may become meaningless, failed to compile etc.) but > >in general safe for this kind of password usage, if my reading about > >the paper is right. > > > > > > > > > > -- www.italianpug.org - Italian Python User Group Founder
