On Mon, Oct 20, 2014 at 3:34 PM, Chris Steipp <cste...@wikimedia.org> wrote: > On Mon, Oct 20, 2014 at 11:00 AM, Zack Weinberg <za...@cmu.edu> wrote: >> 1) Since this is changing anyway, it would be a good time to make the >> token size and structure independent of whether the user is logged on >> or not. [...] > > This is the direction I'm pushing towards. The way we handle caching > at the WMF keeps this from being as simple as you have here, but yes, > it's a long over due change.
Good to know. I'm not much of a PHP developer but I am interested in helping to the extent that I can. >> 2) Since this is changing anyway, it would be a good time to stop >> using MD5. SHA256 should be good for a while. > > Preimage attacks on md5 are still just slightly faster than brute > force, so while I don't think we're in danger, I'm not opposed to > strengthening this. It's not an urgent change, and you're right that the HMAC construction insulates you from all the known problems with MD5, but it ought not be put off indefinitely. It seems to me that one flag day is better than two. >> 4) Architecturally speaking, does it make sense to time-limit the >> *token* rather than the *session*? > > That would be nice, but it makes it harder to do rolling validity, and > this way we can also limit different types of tokens (so a checkuser > token can be limited to a few minutes, while an edit token can have > several hours) without having to track more secrets in a user's > session. Ah. Makes sense. zw _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
