You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@couchdb.apache.org by GitBox <gi...@apache.org> on 2021/05/26 18:53:24 UTC

[GitHub] [couchdb] iilyak edited a comment on pull request #3577: Moved couch_httpd_auth options to chttpd_auth 3.x

iilyak edited a comment on pull request #3577:
URL: https://github.com/apache/couchdb/pull/3577#issuecomment-849035468


   Looks good. 
   
   I think we need to put default values back for: 
   - "authentication_redirect" -  to preserve compatibility during upgrade
   - "iterations" - to maintain adequate security by default see [1]. 
   
   
   [1] - https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-132.pdf
   
   > 5.2 The Iteration Count (C) 
   
   > A  minimum  iteration  count  of  1,000  is  recommended.  For  especially  critical  keys,  or  for  very  powerful  systems  or  systems  where  user-perceived  performance  is  not  critical,  an  iteration count of 10,000,000 may be appropriate.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org