From owner-freebsd-security Fri Feb 14 10:04:35 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id KAA19658 for security-outgoing; Fri, 14 Feb 1997 10:04:35 -0800 (PST) Received: from rocky.mt.sri.com (rocky.mt.sri.com [206.127.76.100]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id KAA19629 for ; Fri, 14 Feb 1997 10:04:27 -0800 (PST) Received: (from nate@localhost) by rocky.mt.sri.com (8.7.5/8.7.3) id LAA00515; Fri, 14 Feb 1997 11:04:14 -0700 (MST) Date: Fri, 14 Feb 1997 11:04:14 -0700 (MST) Message-Id: <199702141804.LAA00515@rocky.mt.sri.com> From: Nate Williams MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit To: Warner Losh Cc: security@freebsd.org Subject: Re: blowfish passwords in FreeBSD In-Reply-To: References: Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > OpenBSD just committed a new encryption method using blowfish. This > has a much larger salt space as well as a much harder to break > encryption scheme. Preliminary indications are that it looks really > good. They implemented this much like md5, but with its own code. > > I think we should bring this into FreeBSD. What do others think? I think DES and MD5 are enough in the default distribution. You *can* have too much of a good thing, and it hasn't been shown that MD5 is breakable, and DES is only for abackwards compatability. Trying to support 3 encryption routines is loke trying to support three init routines. :) Nate