Re: [Passwordsafe-devel] Enhancement Topics (Format and Usage Bugs)
Popular easy-to-use and secure password manager
Brought to you by:
ronys
From: Frank P. <fp...@fp...> - 2007-05-07 23:59:38
|
On Mon, 07 May 2007 12:02:03 -0400, Wolfgang Keller <91...@gm...> wrote: > > looks like I have 4 major topics which I will bring in as separate post > for discussion. > Hi Wolfgang, just wanted to point out that these are implementation issues rather than format issues. The formatV3.txt document should be definitive, and implementations ("Password Safe Clones") should conform to that document. If Password Safe or any other implementation does not comply with the format document, the implementation should be fixed rather than the document. Once some clones begin copying other implementations' issues and bugs, we lose interoperability. The formatV3.txt shall be concise enough that no incompatible interpretations can exist. > > b) The setting of security loops ("ITER" in format description) is > likewise replaced by the PWS standard value of 2048 with every save. > This also looks unfortunate to me as other applications might choose to > set up a special value which then is lost. > Just FYI, my implementation retains the number of iterations across save operations, and prints a warning when a value less than 2048 is used. Again, this is an implementation detail. > > c) Interesting enough, a definition of the "Text" data type in > FormatV3.txt has either never existed or disappeared (file revision 1216 > / 17.01.2007). Can we fix it into something reliable like UTF-8 plain, > without leading or trailing string or format or length tokens? > Indeed. I seem to remember that we finalized on using UTF-8, with no null byte at the end. Yet I can find no record of that decision in the current formatV3.txt document. Rony, can you please add a note to the formatV3.txt file to that effect, e.g., Text fields are stored using the UTF-8 character encoding. No null character is stored in the record data or counted as part of the field length. I.e., the ASCII string "Hello World" is stored as a single block, with the field length set to 11. Frank -- Frank Pilhofer, fp...@fp... |