Re: [OT] Intent to Rewrite: pwgen

To: debian-devel@lists.debian.org
Subject: Re: [OT] Intent to Rewrite: pwgen
From: kaih@khms.westfalen.de (Kai Henningsen)
Date: 24 Jun 2001 10:59:00 +0200
Message-id: <[🔎] 83Tycf9Hw-B@khms.westfalen.de>
In-reply-to: <[🔎] 20010623210330.L13221@madhack.com>
References: <[🔎] 20010623210330.L13221@madhack.com>

mike@markley.org (Mike Markley)  wrote on 23.06.01 in <[🔎] 20010623210330.L13221@madhack.com>:

> On Sat, Jun 23, 2001 at 07:12:42PM -0700, Adam McKenna <adam@debian.org>
> > spake forth: On Sat, Jun 23, 2001 at 06:02:24PM -0700, Mike Markley wrote:
> > > On Sun, Jun 24, 2001 at 01:08:00AM +0200, Kai Henningsen
> > > > > <kaih@khms.westfalen.de> spake forth: Look at mkpasswd in the whois
> > > > > package.
> > > >
> > > > What on earth does it do in that package? Is there a whois system
> > > > somewhere that knows about passwords?
> > >
> > > NSI and the CRYPT-PW authentication scheme... not that there's any
> > > excuse for not using PGP ;).
> >
> > There is an excuse -- it doesn't work.
>
> Sure it does, I used it just last week... it's got some pretty lame
> restrictions (doesn't do PGP/MIME for one), but it's more secure than a
> password on a website or a plaintext-equivalent password hash (yes you can
> re-use an intercepted password hash for CRYPT-PW)...

Hmm ... doesn't the RIPE code do MIME? And isn't the RIPE code public?  
(http://ftp.ripe.org/ripe/dbase/software/ripe-dbase-3.0.1.tar.gz)

The thing seems to be under the equivalent of a modern BSD license, i.e.  
DFSG-free. Now there's a thought ...

MfG Kai

Reply to:

References:
- Re: [OT] Intent to Rewrite: pwgen
  - From: Mike Markley <mike@markley.org>

Prev by Date: Re: Intent to Rewrite: pwgen
Next by Date: Re: What to do with ae...
Previous by thread: Re: [OT] Intent to Rewrite: pwgen
Next by thread: Re: Intent to Rewrite: pwgen
Index(es):
- Date
- Thread