https://issues.apache.org/bugzilla/show_bug.cgi?id=51966
--- Comment #12 from Oliver Kohll <oli...@gtwm.co.uk> --- David, I see your other report https://issues.apache.org/bugzilla/show_bug.cgi?id=53785 is currently marked RESOLVED WONTFIX. I'm not a security expert but I don't think there's much argument that salting or a pluggable architecture would be an improvement on the current implementation of unsalted hashing. I for one appreciate the work others have done to date, above. It's unfortunate I don't have enough knowledge to contribute helpful patches myself but I'm sure this is going to be something that sees an increasing amount of interest. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org