Hi, I noticed when creating new users in 1.6.1, that only 10 iterations of pbkdf2 is used.
I found the following link - https://issues.apache.org/jira/browse/COUCHDB-2066 What "requests" (other than login), go through the pbkdf2 scheme? I would imagine that replicators would not make use of session cookies, so therefore pbkdf2 would be used here. However, I am quite happy for the replicator user to have pbkdf2 iterations at 10 as this user contains a (strong) password that I control. I am more concerned with other users set at 10 iterations. Is pbkdf2 used for read/writes even though session cookies are used? What would the reasons be against using 10000 iterations? Thank you.
