[Zope3-dev] SHA1Password manager, add a pinch of salt
Giovannetti, Mark
giovanne at nrcan.gc.ca
Tue Apr 24 10:56:36 EDT 2007
> -----Original Message-----
> From: Dmitry Vasiliev [mailto:dima at hlabs.spb.ru]
>
> Giovannetti, Mark wrote:
> > Surely, welcoming obvious improvements that will save some
> > other zope developer from re-implementing a secure /etc/passwd
> > equivalent is desirable.
>
> I agreed. I'll apply slightly modified version of the patch with
> fixed-length salt if you don't object.
>
By all means, I have no objections. Thanks!
> > Python 2.5 has hashlib which supports sha224, sha256 and so forth.
> > I may look into adding support for those hashes to password
> > when zope has been updated for 2.5.
>
> I think in this case it will make sense to move the module into self
> contained package for example zope.app.password or even zope.password.
Ok, I might be able to help if you want.
Regards,
Mark
More information about the Zope3-dev
mailing list