[dev] Re: Password encryption (moved from IMP list)

[Scott Courtney]

On Tuesday 17 June 2003 16:06, Eric Rostetter wrote:
> > Again, I don't disagree with you at all. If this can't be implemented
> > easily and cleanly, then it's not worth doing. I think it might not be as
> > bad as you suggest, though. If I'm wrong, then I'll happily drop the
> > suggestion.
>
> I didn't mean to suggest it was difficult.  I wanted to simply spawn a
> debate over the implementation issues (complexity, compatability,
> difficulty in adding initial user/password to db, etc) versus the possible
> results (including false sense of security if we don't admit the flaws in
> it).

Spawning a debate is, IMO, a Very Good Thing. That's all part and parcel
to the Open Source process. :-) No idea should go unquestioned.

> I also wanted to flesh out ideas of making this the default auth method
> versus making it just another auth method, etc.
>
> I think if you wrote this auth backend up, and documented it well, it would
> be a good addition to Horde.  But I think the real success or failure will
> be in how well it is documented, and of course if any one bothers to read
> the docs ;)

Decent documentation I can provide. I am an experienced technical writer and
editor. I've actually considered contributing some technical documentation
for other parts of the code, as my way of helping the overall project. Given
time (not available right now) I would very much like to do so.

Scott

-- 
-----------------------+------------------------------------------------------
Scott Courtney         | "I don't mind Microsoft making money. I mind them
courtney at 4th.com       | having a bad operating system."    -- Linus Torvalds
http://4th.com/        | ("The Rebel Code," NY Times, 21 February 1999)
                       | PGP Public Key at http://4th.com/keys/courtney.pubkey