Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 19 Jun 2012 16:13:20 +0000
From:      Alexey Dokuchaev <danfe@FreeBSD.org>
To:        Dag-Erling Smorgrav <des@FreeBSD.org>
Cc:        svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org
Subject:   Re: svn commit: r237269 - in head: etc lib/libutil
Message-ID:  <20120619161320.GA54109@FreeBSD.org>
In-Reply-To: <201206191446.q5JEkJTY050836@svn.freebsd.org>
References:  <201206191446.q5JEkJTY050836@svn.freebsd.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jun 19, 2012 at 02:46:19PM +0000, Dag-Erling Smorgrav wrote:
> Author: des
> Date: Tue Jun 19 14:46:18 2012
> New Revision: 237269
> URL: http://svn.freebsd.org/changeset/base/237269
> 
> Log:
>   Switch the default password hash from md5 to sha512.

Pardon my possible unawareness, but was this change discussed anywhere?
I understand the rationale to move away from MD5, but reasons for SHA512
seem moot.  I've personally had been using Blowfish for password hashes
since OpenBSD switched to it, for example, as fast and apparently reliable
hash.  Is there anything wrong with it?  Why SHA512 is clear winner here?
FWIW, ports use SHA256 for now.  Could it be that switch to SHA512 will
impose perfomance problems?

./danfe



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120619161320.GA54109>