Start a new thread,
Neil Harris wrote:
Actually, digital identity management is more
important than ever, and
this time it looks like it's going to be done right. SUL is an important
part of helping make that happen for Wikipedia and all of its attendant
projects.
I agree, wearing two hats: the operations and security communities....
Good engineering practices often require stepwise refinement.
Single User Login may have been originally envisioned for convenience,
but the ease of use and project-wide consistency can also encourage
better security practices.
I agree that changes to the login procedure can wait until SUL is
deployed, as long as enhancements are well planned beforehand.
Speaking to elements of the recent thread, I'd prefer SSL instead of
home-grown challenge-response algorithms. As I'm the author of several
well-known challenge-response protocols, and an experienced network
operator, I can speak to the difficulty of proper implementation and
operation! Use the existing tools, where the problems are understood
and mitigated on a world-wide basis.
I also agree with Ivan (and others) that there is no technical problem
with MD5 as a salted hashing algorithm in this instance. But I do prefer
some flexibility toward future use of other algorithms for diversity.
I suggest that the software default to MD5 (as now), but the presence of
the "sha1:" prefix indicate the alternative. It seems reasonable to
design a migration path for the future, and that migration code should
be well tested before migration occurs.
I don't agree that sha256 be used until that is a standard part of the
software package. Experience has shown the folly of relying on
insufficiently deployed and tested security implementations.