From owner-freebsd-security Thu Apr 20 12:19: 8 2000 Delivered-To: freebsd-security@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id B7FF837BA14; Thu, 20 Apr 2000 12:19:05 -0700 (PDT) (envelope-from kris@FreeBSD.org) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id MAA57811; Thu, 20 Apr 2000 12:19:05 -0700 (PDT) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Thu, 20 Apr 2000 12:19:04 -0700 (PDT) From: Kris Kennaway To: Mohacsi Janos Cc: security@FreeBSD.ORG Subject: Re: why not use crypt() written by Kris Kennaway? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 20 Apr 2000, Mohacsi Janos wrote: > I saw the initative of Kris Kennaway to modify the password scheme > in the FreeBSD (integrated blowfish, SHA-1, and new DES). > What happened with it? It needs to be polished up a bit. It's still on my list, and I hope to get to it in the next month or two. > In the CVS tree the SHA scheme marked dead. Why? Because the tree version of SHA-1 passwords was incompatible with my new one and I didn't want to introduce a new feature in 4.0 only have to deprecate it soon after and live with the legacy. > Is not possible to distribute FreeBSD with DES/Blowfish integrated since > the beginning of this year? Don't we want to mantain cross platform (at > least cross BSD) password schemes? In the FreeBSD 5.0? It will most probably appear in 5.0 but not before, unless there is overwhelming demand for it once it appears in -current. Kris ---- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message