On 01/03/2006 09:45:02 PM, Ted Unangst wrote:
On 1/3/06, kami petersen <[EMAIL PROTECTED]> wrote:
> on a related subject: what's keeping that diff you did to add
salting to
> vnconfig from hitting the tree? (or something like it)
i don't believe that the people asking for cgd really even intend to
use it.
I don't intend to use svnd (and so have not been paying attention
but am venturing to comment anyway), but I do _like_ the idea
of having it there to use should the need arise. Salting sounds
like something I want because, again, in my uninformed opinion,
otherwise you wouldn't see it all over the place in password
hashes. Apparently the implementation complexity v.s. increase
in security trade-off comes out in favor of salting in at least
that problem domain. It would be a question I'd investigate should
I ever want an encrypted file system. I'm interested enough
to pay a little attention now should somebody either decide
to implement salting in svnd or explain why I don't want it.
I suspect others are in the same frame of mind. Hence the
not-necessarily-informed hand waving surrounding all sorts of
encrypted filesystem issues (even though, IMHO, salting is
the only issue of significance in svnd that was brought
up in the CGD article.)
Why did I write this? I guess because I'm lazy like everybody
else and am hoping for an expert answer vis. svnd and salting.
Perhaps I'm thinking you'd appreciate the data point regards
my interest in the subject. Feel free to ignore me.
Regardless you should know I do appreciate the work done.
Karl <[EMAIL PROTECTED]>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
