tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <>
Subject Re: [VOTE] Short Term Plan: Add Security Management Capabilities to Tomc
Date Sat, 16 Oct 1999 21:09:10 GMT
James Davidson wrote:
> What about using with SHA-1 or MD5? It's in JDK
> 1.1. It's got to be better than crypt... :) And, you don't ever need the
> password back out, you just need to compare. Just a thought.

crypt() doesn't give you the password back out. But anyway you are right
that SHA-1 or MD5 HMACs are better. SHA-1 is mostly considered best,
these days.




"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
     - Indira Gandhi

View raw message