Harish Prabandham wrote:
>
> Any one way hash algorithm is good enough. The point that James was
> making was to use the MD5 algorithm that every JDK ships with....
I don't think I contested that point, but James suggested (and I think I
remember) that SHA-1 was also available. What I did contest was that
crypt() was not one way. It is.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
- Indira Gandhi
|