Roundup Tracker - Issues


Author schlatterbeck
Recipients ber, elic, joseph_myers, richard, schlatterbeck
Date 2011-04-14.18:19:25
Message-id <>
Oops. Looks like we implemented the same thing in parallel.
I've just committed and was about to write the following:

Implemented auto-migration to more secure password scheme.
This uses the new config-option 'migrate_passwords' in section 'web'
which is on by default.

I'll look into your patch to see if we take something from it.
Also note that I've made migration the default... and put a note into
the "upgrading" document.

BTW: I'll probably look into the following two things:
- making the number of iterations configurable (by adding a parameter
  to password generation which is given by all callers, I don't see
  another option)
- add regression tests for the new scheme from rfc6070

anything you've already done in this direction (before we again work in
parallel :-)

Thanks a lot for taking the time to contribute these fixes !
Date User Action Args
2011-04-14 18:19:25schlatterbecksetmessageid: <>
2011-04-14 18:19:25schlatterbecksetrecipients: + schlatterbeck, richard, ber, joseph_myers, elic
2011-04-14 18:19:25schlatterbecklinkissue2550688 messages
2011-04-14 18:19:25schlatterbeckcreate