Re: [Passwordsafe-devel] Updates
Popular easy-to-use and secure password manager
Brought to you by:
ronys
Menu
▾
▴
Re: [Passwordsafe-devel] Updates
|
From: Frank P. <fp...@fp...> - 2007-05-11 22:22:00
|
On Fri, 11 May 2007 15:59:39 -0400, dk <dk...@gm...> wrote: > > Re: "blobs", I would like more clarification..... > Do you mean "unknown fields" in a record as a blob and you display, > process or otherwise use the fields you know about? > Hi David, take, for example the recently introduced "password history" field. I have not implemented that field. So when reading a record that contains a password history, Password Gorilla stores the association <type=15,data=...> in memory, along with the "known" information about the record. The field is not shown or otherwise indicated to the user. Some implementation detail: my "password safe database" backend class just stores, for each record, a mapping of field types to data, without interpreting either. It is the front-end that interprets the fields it knows about. When writing the database, I just write the same field type and data back into the database, and Password Safe users will find their password history unchanged. Password Gorilla therefore does not respect the password history, and does not update the password history when the password itself is changed. But I find that the lesser evil compared to just discarding the password history. > > What if these unknown fields have dependencies on the fields that you do > know and maybe change? > I don't know, I think the risk of that happening is very low, especially if all fields are properly documented. But it's an implementation choice, so feel free to think and do differently. Frank -- Frank Pilhofer, fp...@fp... |
