From: Edward F. <ed...@cd...> - 2004-09-23 17:57:33
Alex Peshkov wrote:

> I shouldn't discuss the problem, can SHA be bruteforced or not. Even if
> can't be now, who knows what will happen in a few years.

Right, that's why I was saying that the hash algorithm doesn't really mean anything. It can be bruteforced anyways.

> What about making security database unreadable...

I totally agree with that.

> Certainly, it's possible to think about some tricks
> here, but maybe it's better to think about PAM authentication?

PAM would be great for local authentication, but I don't think it works over the wire (unless you are using a Kerberos PAM module or something, but correct me if I'm wrong). SASL is very modular and is meant for over-the-wire authentication, and with SASL there wouldn't be the need to implement individual authentication mechanisms, since it's handled generically. Maybe doing both would be the way to go.

> BTW. If you write crypt plugin, using mentioned wonderful things like
> SRP or SASL, this will be nice.

Maybe after I quit working 60 hours a week :-P.

Ed