https://bugzilla.wikimedia.org/show_bug.cgi?id=28419
--- Comment #32 from Daniel Friesen <[email protected]> 2012-03-31 00:42:54 UTC --- You're using completely abstract arguments that ignore the reality of the system we're trying to implement this in. We have no abstract concept of 'options'. All we have is a big blob of text like "250:32:d41d8cd98f00b204e9800998ecf8427e". Right now "WE" have a pattern of arbitrarily separating options using ':'. However this is in no way a standard we should require. Other implementations like crypt() use $ to separate options. And there is a possibility of our parsing things this way conflicting with the way another implementation does it and making any implementation have to use hacks to undo what we shouldn't have done in the first place. Forcing one storage format for options and the hash gets in the way of the possibility of password implementations which use external libraries like bcrypt or scrypt. md5 was good enough years ago. Now it's not. Best security practices change over time and add more requirements. So I am opposed to any short-sighted attempt to simplify an interface by ripping out pieces that give it enough flexibility to handle future password hashing algorithms with different requirements. We made that mistake once already, and I don't intend to have to rewrite this again because we didn't think ahead. ---- preferred type, common type... they're the same thing, we don't need to bike-shed over names. The preferred type is there for precisely that reason, so that the current/preferred password format can be overridden and we're not stuck with A and B hardcoded. And yes individual schemes should be able to declare whether something is preferred or not. The point of that is so that when someone say changes the PBKDF2 settings and wants 20000 iterations we don't leave 10000 iteration passwords in the database when the wiki is configure to use 20000. We don't know what configuration variables the implementation gives the sysadmin or what format options are in, so that method is there for implementations to declare when the settings used for a password do not match what the site admin has configured into their settings. I randomly grabbed the name preferred since it's also used in password upgrading when enabled. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
