[ZODB-Dev] RFC: Proposal for AuthZEO (was SecureZEO one day)
Evan Cofsky
evan@theunixman.com
Thu, 16 Jan 2003 07:41:02 -0800
> Alternately, take a look at the CRAM-MD5 authentication scheme used for
> many email protocols (SMTP AUTH, POP, IMAP): ISTR that it concatenates
> username+password, and then does some simple bit-twiddling on the result
> before computing the hash. Not sure why they do it that way, but there
> must be a reason. ;-) I think RFC 2104 is the definitive document; RFC
> 2195 looks a bit more touchy-feely and defines its use for POP and
> IMAP; RFC 2554 explains it for SMTP.
I think in Python 2.2 there is a HMAC module. I've used it
successfully with credit card transaction processors, and even with
Python 2.1
--
How much does it cost to entice a dope-smoking UNIX system guru to Dayton?
-- UNIX/WORLD's First Annual Salary Survey, Brian Boyle
Evan Cofsky, President, CEO The UNIX Man <evan@theunixman.com>