Re: [Passwordsafe-devel] Format Tests
Popular easy-to-use and secure password manager
Brought to you by:
ronys
Menu
▾
▴
Re: [Passwordsafe-devel] Format Tests
|
From: dk <dk...@gm...> - 2007-05-24 19:42:18
|
Wolfgang, Re: "Simplicity I" - say header field 0x05 (currently "nnnnu....uh....h") in V3.01 is changed to "u...u" in V3.02 as we have previously seemed to agree, then if I already know that we are at version 3.02 I won't try and use the first 4 characters as the user length field. I know that length checking etc/ would catch this - but why make it difficult for ourselves? The alternative is that, in V3.02, header 0x05 is not used and two new fields are used for user and host respectively. The only personal objection I have is that I don't like gaps in the range of used fields (i.e. in V3.02, and later, header 0x05 will never be used). David PS. I quite like the concept of "Private", "Approved", "World" - although I would use "Assigned" rather than "Approved" as "Approved" means that PWS approves of another applications usage/ownership. PPS. Whilst a hash table is good, (IMO) it is not necessary with the small number of fields we have. A simple switch/case construct is sufficient. -----Original Message----- From: pas...@li... [mailto:pas...@li...] On Behalf Of Wolfgang Keller Sent: 24 May 2007 07:39 To: pas...@li... Subject: Re: [Passwordsafe-devel] Format Tests Thanks for the clearifying words, David! Something about your further points: (Simplicity I) I don't see a point in having any specific field first because of the following context. The most "natural" data structure used to hold the list during runtime is a hashtable. Hashtables have random ordering when they are made to serialize. (The end-marker 0xff is not part of the content but just a meta-tag on the file!) a) There is no necessity to demand extra program logic to bring out the 0x00 field first and the rest trailing. b) The "sound and simple" algorithm dealing with field lists would take two steps: 1 - reading in the entire list (purely formal) and 2 - interpreting fields. This advocates to forget all about field ordering. (Tolerance II) My idea was to create 3 realms of field types which mean 3 levels of "formal and semantical jurisdication", so to say. I fully agree there must be a range which is completely secluded for the PWS project. I have seen 0x00 - 0x3f fitting. These are 64 fields and should do the job for a while. (I don't mind if it is some numbers larger.) Let's call it the PWS-HOME (or pws-private) range. Then there is a second range from 0x40 to 0x7f (or some other range), let's call it PWS-APPROVED (or pws-protected). The fields there are formally administered by the PWS project but they are given away to approved pws-like other projects for their own and private purposes. This means PWS is just holding a list of reservations but does not control any semantical aspects of those fields. The advantage for "approved" projects is that they enjoy a level of protection against random destruction if any "rest-of-the-world" project should be using extra fields. The third level is WORLD and ranges 0x80 to 0xfe (or some other range). It is meant for projects and experiments which never perk a head in the discussion lists. This range is not controlled by PWS at all, but a recommendation can be given out for applications to perform data-marking in order to verify the property of any read fields. Regards - Wolfgang dk wrote: > Wolfgang, > > Honest - I am really not intending to cause any "unnecessary > obstacles". I apologise if my posts appear so - that was not the > intent - probably my use of the English Language. I value other people's contributions and ideas. > The more the better. > > Nothing I have said in these posts is fixed - they are only my current > opinion and could easily change. Rony is the final arbiter and there > is no guarantee that he will pick my view, your view or anyone else's; > that is why I have asked for a "draft specification" for the next and > future formats so they can be discussed more widely. > > I have put my answers in the body of your message below prefixed by ">>>". > > Regards, > > David > > > > ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Passwordsafe-devel mailing list Pas...@li... https://lists.sourceforge.net/lists/listinfo/passwordsafe-devel |
