2 Apr
2002
2 Apr
'02
1:01 p.m.
Randy and all, On Thu, 28 Mar 2002, Randy Bush wrote:
Andrei Robachevsky wrote:
My main concern here would be that basing the proposed method on an implementation (md5-crypt), which may change or may be mixed with some other implementation, rather than on the documented algorithm (md5 hash), which cannot, may cause confusion in the future.
[snip]
the way out of this would seem to be for someone to write an internet draft on salted md5 and process it through the ietf security area.
randy
I'm looking into this. Any other volunteers/suggestions? Pierre.