On Sun, Feb 20, 2011 at 12:39, Martijn Pieters wrote:
>> Yes, changing the existing interface would require a 4.0. If you'd add
>> a new interface extending the IPasswordManager one, we could do it in
>> a 3.x release.
>>
>> A new zope.password 3.x release could go into both ZTK 1.1 and 1.0, a
>>
On Sun, Feb 20, 2011 at 11:56, Hanno Schlichting wrote:
> Yes, changing the existing interface would require a 4.0. If you'd add
> a new interface extending the IPasswordManager one, we could do it in
> a 3.x release.
>
> A new zope.password 3.x release could go into both ZTK 1.1 and 1.0, a
> back
Hi.
On Sun, Feb 20, 2011 at 11:41 AM, Martijn Pieters wrote:
> On Fri, Feb 18, 2011 at 22:19, Martijn Pieters wrote:
>> We should at the very least convert PAS to use zope.password instead
>> of AccessControl.AuthEncoding.
>
> I'll just go ahead and expand then IPasswordManager interface to
> pr
On Fri, Feb 18, 2011 at 22:19, Martijn Pieters wrote:
> We should at the very least convert PAS to use zope.password instead
> of AccessControl.AuthEncoding.
There is a snag. The zope.password API doesn't provide any way to
detect what scheme was used for a given hash.
Say you have a SSHA hash,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/18/2011 04:19 PM, Martijn Pieters wrote:
> I was looking into bcrypt[1] support for PAS I found z3c.bcrypt, which
> implements zope.password compontents (named utilities).
>
> PAS, however, uses Zope2's AccessControl.AuthEncoding module to handl
I was looking into bcrypt[1] support for PAS I found z3c.bcrypt, which
implements zope.password compontents (named utilities).
PAS, however, uses Zope2's AccessControl.AuthEncoding module to handle
password encryption / hashing schemes. Now, while AuthEncoding
certainly supports extending the avai
