Return-Path: 
 <couchdb-dev-return-1107-apmail-incubator-couchdb-dev-archive=incubator.apache.org@incubator.apache.org>
Delivered-To: apmail-incubator-couchdb-dev-archive@locus.apache.org
Received: (qmail 83062 invoked from network); 22 Oct 2008 21:18:14 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2)
  by minotaur.apache.org with SMTP; 22 Oct 2008 21:18:14 -0000
Received: (qmail 68241 invoked by uid 500); 22 Oct 2008 21:18:16 -0000
Delivered-To: apmail-incubator-couchdb-dev-archive@incubator.apache.org
Received: (qmail 68002 invoked by uid 500); 22 Oct 2008 21:18:16 -0000
Mailing-List: contact couchdb-dev-help@incubator.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:couchdb-dev-help@incubator.apache.org>
List-Unsubscribe: <mailto:couchdb-dev-unsubscribe@incubator.apache.org>
List-Post: <mailto:couchdb-dev@incubator.apache.org>
List-Id: <couchdb-dev.incubator.apache.org>
Reply-To: couchdb-dev@incubator.apache.org
Delivered-To: mailing list couchdb-dev@incubator.apache.org
Received: (qmail 67991 invoked by uid 99); 22 Oct 2008 21:18:16 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 22 Oct 2008 14:18:16 -0700
X-ASF-Spam-Status: No, hits=2.0 required=10.0
	tests=HTML_MESSAGE,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of randall.leeds@gmail.com
 designates 209.85.217.20 as permitted sender)
Received: from [209.85.217.20] (HELO mail-gx0-f20.google.com) (209.85.217.20)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 22 Oct 2008 21:17:06 +0000
Received: by gxk13 with SMTP id 13so9290214gxk.12
        for <couchdb-dev@incubator.apache.org>;
 Wed, 22 Oct 2008 14:17:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:received:received:message-id:date:from:to
         :subject:in-reply-to:mime-version:content-type:references;
        bh=/Y11d9jFx5fNtpwtQHbcYnnWTmZzW6BjskJ8GtHIu3Y=;
        b=o8DnnXGS/OqvY1dx5Z9lRSU0VByZxSdQS9IQ44RiC7kY1i3qC7751Ui7r/1vxb0eXl
         W2qf9zs4U9NB5ggIkUEP9FEI/YFVcTKyiq1ebawKpzXj8kf8lXIrjGMuatZ4zF0gonHG
         HI5JGJix9fg8LIA/THZ1NAWrnZ1dcldFtIyVI=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=message-id:date:from:to:subject:in-reply-to:mime-version
         :content-type:references;
        b=a606dyAT2xjwIroeEm65H/uEpx6Fl5fSzwSwrioWqj0l/Q3vsRLaXENLJi3gxeF+9X
         6hv8e54duWrytsjlzqIOjfijiOZXY7Nvsok8gzLbX3VIif4I02cNinkXDxc/V4b5ABP3
         RrXz2ctIV+Mokuyf/W/6LnnucjB622T1IiSX8=
Received: by 10.65.182.4 with SMTP id j4mr9106450qbp.6.1224710264146;
        Wed, 22 Oct 2008 14:17:44 -0700 (PDT)
Received: by 10.64.210.10 with HTTP; Wed, 22 Oct 2008 14:17:44 -0700 (PDT)
Message-ID: <ec7a93a0810221417ufcaf28auc6dcd3b1eb5d133a@mail.gmail.com>
Date: Wed, 22 Oct 2008 17:17:44 -0400
From: "Randall Leeds" <randall.leeds@gmail.com>
To: couchdb-dev@incubator.apache.org
Subject: Re: new CouchDB feature: Admin accounts
In-Reply-To: <FEC771A6-9020-4C30-99A2-C4591B3066E1@apache.org>
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----=_Part_22086_19781255.1224710264105"
References: <ABC27565-824A-47EF-9BE4-618E4F4CEFBF@yahoo.com>
	 <20081022200554.GA17863@bytesexual.org>
	 <FEC771A6-9020-4C30-99A2-C4591B3066E1@apache.org>
X-Virus-Checked: Checked by ClamAV on apache.org

------=_Part_22086_19781255.1224710264105
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

> The only weakness I can think of is in the file systems, where the original
> unhashed password is still available in an undo log, or in a freed disk
> block.


Another argument for htdigest-like tool.

------=_Part_22086_19781255.1224710264105--