OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

office message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Passwords


Greetings,

I keep running into:

"To avoid saving the password directly into the XML file, only a hash 
value of the password is stored."

But the value, not surprisingly, is "string."

Shouldn't encryption of the password be considered as application specific?

Thus:

Passwords should not be saved without encryption in the XML file. The 
encryption to be used is application specific.

Which raises the interesting issue of how one indicates what 
hash/encryption function was used?

I am assuming that simply because one ODF comformant application uses a 
particular hash function, there is no gurantee that another will use the 
same function.

Hope everyone is having a great day!

Patrick

-- 
Patrick Durusau
Patrick@Durusau.net
Chair, V1 - Text Processing: Office and Publishing Systems Interface
Co-Editor, ISO 13250, Topic Maps -- Reference Model
Member, Text Encoding Initiative Board of Directors, 2003-2005

Topic Maps: Human, not artificial, intelligence at work! 




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]