[Parti-discuss] [PATCH] secure password support
Nathaniel Smith
njs at pobox.com
Sun Jun 14 15:45:11 PDT 2009
On Sun, Jun 14, 2009 at 8:42 AM, Antoine Martin<antoine at nagafix.co.uk> wrote:
> This patch implements secure passwords authentication (I believe - can
> someone please check!)
Well, that's the problem with hand-rolled crypto -- it's mostly
impossible to check...
Technically, the patch looks reasonable enough, and things like the
short write issue are fixable.
I'm *really* nervous, though, about getting into the secure connection
business. That's an impossibly difficult problem, and it's one that's
already solved -- just use ssh. So I'm reluctant to accept any patches
along these lines without, at the least, specific use cases and clear
argumentation for why this approach is the most appropriate way to
handle those use cases. Can you provide such?
-- Nathaniel
P.S.: Final grading is done, so I hope to get back to the patch
backlog and get an 0.0.7 out in the next few weeks... sorry about that
delay.
More information about the Parti-discuss
mailing list