Date: Sat, 30 May 1998 22:58:42 +0200 From: Eivind Eklund <eivind@yes.no> To: Poul-Henning Kamp <phk@critter.freebsd.dk> Cc: "J.A. Terranson" <sysadmin@mfn.org>, "freebsd-security@FreeBSD.ORG" <freebsd-security@FreeBSD.ORG> Subject: Re: MD5 v. DES? Message-ID: <19980530225842.57628@follo.net> In-Reply-To: <20473.896555907@critter.freebsd.dk>; from Poul-Henning Kamp on Sat, May 30, 1998 at 09:18:27PM %2B0200 References: <19980530203204.34537@follo.net> <20473.896555907@critter.freebsd.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, May 30, 1998 at 09:18:27PM +0200, Poul-Henning Kamp wrote: > I have been considering if we shouldn't introduce a > > int checkuserpassword(char *user, char *password); > > in some library, rather than having all these programs know that > you should strcmp after calling crypt(). This would allow us to > do what you propose or RADIUS authentication for that matter... I think the basic idea is good. It is not required for what I proposed - that will work perfectly well as a normal hash - but I'd still like to abstract. However, wouldn't it be advantageous to be able to do other forms of authentication too, like tokens etc? These might require a challenge, and an API to handle this. I'm tolkd PKCS#11 (reference paper from RSA, Inc) contains an API-standard for it. Eivind. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980530225842.57628>