i was going through the manual and ran across the following in the
description of ${hmac...}
This function uses cryptographic hashing (either MD5 or SHA-1) to
convert a shared secret and some text into a message authentication
code, as specified in RFC 2104. You could produce a similar effect
using ${md5:secret_text...}, but allegedly HMAC provides better
defence against deducing the secret.
i'd like to propose a more accurate phrasing for the last sentence:
This differs from ${md5:secret_text...} or ${sha1:secret_text...} in that
the hmac step adds a signature to the crypographic hash, allowing for
authentication that is not possible with md5 or sha1 alone.
richard
--
Richard Welty rwelty@???
Averill Park Networking 518-573-7592
Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
