[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: scrypt Internet Draft
Nick Galbreath <email@example.com> writes:
> Hi team-scrypt!
> I'll read the spec more carefully once I'm back home, but quickly...
> Is there a spec for the crypt function/command line format? Oddly the
> best spec I've seen is the PHP function by the same name.
> FreeBSD has some details as well
> and Ulrich Drepper's crypt sha-256/sha-512 impl:
> Ideally I'd like a crypt-like format e.g. such as $7$... that
> represents scrypt with related parameters. Given that Ulrich Drepper
> just wrote a txt file, and didn't appear to submit to an official
> standards body, I suspect that there is no standard.
That is right, I don't think there is any standard, just well
> Any tips here, or possibility of adding an appendix to this spec
> documenting a crypt-style format? Or is this done, and I'm just not
> seeing it?
I agree it should be done, but I'm not convinced it should be done in
this document -- a scrypt-based crypt is not implemented today and would
be experimental, and that will set back the review process of the draft.
Granted, the ASN.1 parts or not implemented either, but I suspect that
more easily will fly under the radar.
We could start it as a parallel effort though. Would you like to help
work on this? I started a document here:
I think we need implementation experience to move forward, I don't see
much more that is needed in a crypt spec for scrypt. Maybe some default
> Nick Galbreath
> On Mon, Sep 17, 2012 at 8:18 PM, Colin Percival <firstname.lastname@example.org> wrote:
>> Hi all,
>> In case anyone here is interested in standards processes, you should be
>> aware that Simon Josefsson has written up scrypt as an Internet Draft
>> which will hopefully end up turning into an RFC:
>> Colin Percival
>> Security Officer Emeritus, FreeBSD | The power to serve
>> Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid