[Catalog-sig] Pull request to migrate PyPI to bcrypt
Christian Heimes
christian at python.org
Mon Feb 11 13:56:59 CET 2013
On 11.02.2013 13:05, Giovanni Bajo wrote:
> This is harder to fix. Christian's main concern is that he doesn't trust me and my proposed solution because he didn't see it elsewhere. I saw it mentioned many times around, but I think that, at the end of the day, that's a red herring: the point is that I'm not in his (and/or your) trust circle, but that's fine, we can still find a way around it. It's probably useless for me to keep arguing though.
>
> I think that a migration path on login from an unsalted SHA1 is completely wrong, so I have a proposal: I will submit it if we agree on resetting all the passwords immediately; or within a short timeframe (e.g. 2 months), and notify all the users to login once as soon as possible (so after 2 months we reset passwords of users who haven't logged in).
Please don't get me wrong. It's not that I don't trust *YOU*. I don't
trust unknown stuff when it comes to security. Cryptography has a
tendency to blow up in your face when you leave the trail and wander off
into the jungle.
I actually *like* the idea of moving to a proper adaptive key derivation
algorithm with salting. Although I personally prefer PBKDF2 over bcrypt.
Christian
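For reference, here is what the on-login migration path the thread argues about looks like in code, using the salted PBKDF2 Christian says he prefers. This is an added example, not PyPI's code; the storage formats `sha1$<hex>` and `pbkdf2_sha256$<iterations>$<salt_hex>$<hash_hex>`, the helper names and the iteration count are assumptions.

```python
import binascii
import hashlib
import hmac
import os

# Assumed work factor for new PBKDF2 records; raise it as hardware improves.
ITERATIONS = 100_000


def legacy_sha1_record(password):
    """Build a legacy unsalted SHA-1 record (assumed format "sha1$<hex>").

    Only here so the migration can be exercised against the old scheme.
    """
    return "sha1$" + hashlib.sha1(password.encode()).hexdigest()


def hash_pbkdf2(password, salt=None):
    """Derive a salted PBKDF2-HMAC-SHA256 record (assumed storage format)."""
    salt = salt or os.urandom(16)  # fresh random salt per password
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return "pbkdf2_sha256$%d$%s$%s" % (
        ITERATIONS, binascii.hexlify(salt).decode(), binascii.hexlify(dk).decode())


def verify_and_upgrade(stored, password):
    """Check `password` against `stored`; return (ok, record_to_store).

    A legacy SHA-1 record that verifies is rehashed with PBKDF2, because a
    successful login is the only moment the plaintext is available to do so.
    Any record that fails verification is returned unchanged.
    """
    scheme, _, rest = stored.partition("$")
    if scheme == "sha1":
        candidate = hashlib.sha1(password.encode()).hexdigest()
        if hmac.compare_digest(candidate, rest):  # constant-time comparison
            return True, hash_pbkdf2(password)
        return False, stored
    if scheme == "pbkdf2_sha256":
        iters, salt_hex, hash_hex = rest.split("$")
        dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 binascii.unhexlify(salt_hex), int(iters))
        ok = hmac.compare_digest(binascii.hexlify(dk).decode(), hash_hex)
        return ok, stored
    return False, stored  # unknown scheme: never accept
```

Records still carrying the `sha1` scheme at the end of the migration window are exactly the accounts the reset proposal in the quoted message would cover.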