Hi, On Thu, Oct 05, 2006 at 02:21:53PM +0400, Potapov Vladislav wrote:
The mail will still contain a "password: <something>" block, just the way this password is hashed in the maintainer object is different."
Then it is NOT improve security much.
It does. It takes away the attack angle of breaking CRYPT-PW hash.
Using your allegory: Let's put huge lock on our cardboard door? In security ALL parts are essential. BEFORE I can use "the day-to-day" operation I should change CRYPT-PW to MD5-PW. And PERSONALLY I don't need the enhanced in some way but weak in the other "security".
As our members tell us that "crypto is hard!!!!" we can not enforce PGP (which would be a big step) - so security is increased in small steps. Gert Doering -- NetMaster -- Total number of prefixes smaller than registry allocations: 98999 SpaceNet AG Mail: netmaster@Space.Net Joseph-Dollinger-Bogen 14 Tel : +49-89-32356-0 D- 80807 Muenchen Fax : +49-89-32356-234