> -----Original Message----- > From: open-iscsi@googlegroups.com [mailto:open-is...@googlegroups.com] > On Behalf Of Ulrich Windl > Sent: Thursday, December 17, 2009 1:27 PM > To: open-iscsi@googlegroups.com > Subject: RE: minimum password length check > > On 17 Dec 2009 at 0:55, shyam_i...@dell.com wrote: > > > Essentially what you are saying is that we haven't implemented the > > secret's bit randomness calculation to check if has atleast 96bits of > > entropy. > > > > No, I just wanted to point out that the quality of a secret key cannot > simply be > measured with "strlen(password)", and that 96 bits of randomness may > require a > longer string as one might initially have guessed. >
Right I get you right then.. Don't want to rework on getting the entropy of the secret. Do you mind open-sourcing it so we could do the checks as I detailed in the previous mail? Thanks, Shyam -- You received this message because you are subscribed to the Google Groups "open-iscsi" group. To post to this group, send email to open-is...@googlegroups.com. To unsubscribe from this group, send email to open-iscsi+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/open-iscsi?hl=en.