From owner-freebsd-security Sun May 2 2:36:10 1999 Delivered-To: freebsd-security@freebsd.org Received: from zippy.cdrom.com (zippy.cdrom.com [204.216.27.228]) by hub.freebsd.org (Postfix) with ESMTP id 2CFBF1511D for ; Sun, 2 May 1999 02:36:08 -0700 (PDT) (envelope-from jkh@zippy.cdrom.com) Received: from zippy.cdrom.com (localhost [127.0.0.1]) by zippy.cdrom.com (8.9.3/8.9.3) with ESMTP id CAA23336; Sun, 2 May 1999 02:32:55 -0700 (PDT) (envelope-from jkh@zippy.cdrom.com) To: "Jeroen C. van Gelderen" Cc: Robert Watson , Poul-Henning Kamp , The Tech-Admin Dude , Brian Beaulieu , freebsd-security@FreeBSD.ORG Subject: Re: Blowfish/Twofish In-reply-to: Your message of "Sun, 02 May 1999 11:25:09 +0200." <372C19F5.625BB2B@vangelderen.org> Date: Sun, 02 May 1999 02:32:55 -0700 Message-ID: <23332.925637575@zippy.cdrom.com> From: "Jordan K. Hubbard" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > Regardless of what you think about Blowfish, recommending Twofish > is a very, very bad move. The golden rule in crypto is that trust > comes with the age of an algorithm. Twofish is waaaay to young to > be trusted, especially since it's an evolutionary improvement > over Blowfish which you don't like for some reason. Erm, one of the goals of PAM is to support *multiple* encryption methods, so why not do a PAM module for each and let the administrator decide which authentication methods to support in /etc/pam.conf? - Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message