There's no point in salting the agent passwords, and we can't easily change things to salt the user passwords until none of the command line tools talk directly to mongo, so I'm +1 on john's patch for now.
On 4 November 2013 13:26, William Reade <[email protected]> wrote: > On Fri, Nov 1, 2013 at 1:39 PM, roger peppe <[email protected]> wrote: > >> The changes look trivial, although we'd have to be careful if we wanted to >> maintain backward compatibility. > > > If we're going to fix this (which ISTM we should) we should make sure we fix > the salting at the same time: there's no sense incurring compatibility costs > in the same area more than once. > > A little part of me wants to use this as an excuse to use SSL client > certificates for agents instead, but I'm not sure it's really justifiable > here. > >> >> >> -- >> Juju-dev mailing list >> [email protected] >> Modify settings or unsubscribe at: >> https://lists.ubuntu.com/mailman/listinfo/juju-dev > > -- Juju-dev mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/juju-dev
