* Michael Samuel (m...@miknet.net) wrote: > I think the direction upstream is going with SCRAM (or similar) is > fine, but either new hashes are required or using a customized code > base that uses MD5(password|username) where the password would > normally be directly input is needed.
For my 2c, I'm hopeful we can use the recommended storage approach
instead of keeping the current hashes (except as needed during the
transistion, of course).
> I don't have time to write any code, but I'm happy to review schemes
> and code (and probably will at some point anyway).
Thanks, I'll keep that in mind.
Stephen
signature.asc
Description: Digital signature
