Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 16 Mar 2018 02:59:39 -0700
From: Jim Fenton <fenton@...epopcorn.net>
To: passwords@...ts.openwall.com
Subject: Re: keyed hash vs. encryption

On 3/15/18 1:08 PM, Solar Designer wrote:
> Now in another thread, Arnold argues in favor of changing the SHOULD to
> SHALL, and you haven't objected yet:
>
> http://www.openwall.com/lists/passwords/2018/03/15/1
>
> So I feel I have to: please either leave it at SHOULD, or please allow
> the hash encryption approach as an option as well (primary option even?)

"yet"? I didn't realize there was a deadline. I'm traveling and
jet-lagged (California -> London). BTW, if anyone here will be at the
IETF meeting this coming week, look me up.

As I said to Arnold a little while ago, SP 800-63B was published last
summer after considerable public comment, and I do not expect it to be
changed (except possibly for small errata) until it is ready for another
revision, with more public comment, etc.

I haven't time to review all the yescrypt detail you provided right now.

-Jim


Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ