On Thu, Nov 19, 2015 at 03:36:43PM -0700, Theo de Raadt wrote: > > I am rather late to this thread... > > > > On Thursday 15 October 2015 15:46:47, Raimo Niskanen wrote: > > > > > Are there more password ciphers planned for the future e.g > > > > > sha256 and sha512?> > > > > > > > > > > > > No, we will not be adding those. > > > > > > > > > > > > > > > > Those simple hashes do not provide the future-proof, > > > > high-cost-to-crack features of bcrypt, which has made it > > > > successful as industry staple. The dumb hashes even arrived years > > > > after bcrypt, seems likely the result of choosing ideas "not > > > > invented by openbsd" > > > > > > Ouch! And I have not seen any other upcoming ciphers > > > mentioned. These seem to be state of the art in the Linux world :/ > > > > ... but if anyone wants to add their voice to > > https://sourceware.org/bugzilla/show_bug.cgi?id=16814 , maybe glibc > > could be made to reconsider bcrypt. AFAIK, glibc upstream is mostly > > different people now than when they added sha2 password hashes. > > Good luck -- a lot of 'IBO' resistance runs in those circles.
What means 'IBO'?
