Re: Which password cipher ?

To: Thor Lancelot Simon <tls%panix.com@localhost>
Subject: Re: Which password cipher ?
From: Steven Bellovin <smb%cs.columbia.edu@localhost>
Date: Wed, 1 Dec 2010 10:47:43 -0500

On Dec 1, 2010, at 10:41 58AM, Thor Lancelot Simon wrote:

> On Wed, Dec 01, 2010 at 01:33:38PM +0000, Andrew Doran wrote:
>> 
>> Outside the NetBSD bubble most newly installed systems use MD5.
> 
> If that is actually the case, then it is not possible to certify such
> systems under most of the interesting/commercially valuable security
> standards.
> 
THat isn't clear to me -- the weakness under collision of MD5 is completely
irrelevant here.


                --Steve Bellovin, http://www.cs.columbia.edu/~smb

Follow-Ups:
- Re: Which password cipher ?
  - From: Thor Lancelot Simon

References:
- Which password cipher ?
  - From: Joel Carnat
- Re: Which password cipher ?
  - From: Julio Merino
- Re: Which password cipher ?
  - From: Andrew Doran
- Re: Which password cipher ?
  - From: Thor Lancelot Simon

Prev by Date: Re: Which password cipher ?
Next by Date: Re: Which password cipher ?
Previous by Thread: Re: Which password cipher ?
Next by Thread: Re: Which password cipher ?
Indexes:

Home | Main Index | Thread Index | Old Index