Giovannetti, Mark wrote:
From: Dmitry Vasiliev [mailto:[EMAIL PROTECTED]
Slices doesn't wrap around.
Right, this was what I was seeing/thinking about:
for i in range(41): print i, ' + password[:i-40] + '
[skip]
Can't really call it wrap around, I guess.
Anyway:
def
Giovannetti, Mark wrote:
I like that update. However, it would fail authentication on
stored lengths less than 40. Yes, I know that a length less than
40 would mean an anomalous stored password, but at least we
guarantee a blank '' salt, rather than the possibility of getting
some of the last
On Apr 23, 2007, at 12:03 PM, Giovannetti, Mark wrote:
You make a point, although I would expect a reference
implementation to be as good as possible. Hence, improvements
can be encouraged and, perhaps, the security bar raised.
Adding this salt patch allows a better, more secure reference